CVE-2026-31798 JumpServer Improper Certificate Validation in Custom SMS API Client

JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v4.10.16-lts, JumpServer improperly validates certificates in the Custom SMS API Client. When JumpServer sends MFA/OTP codes via Custom SMS API, an attacker can intercept the request and...

PT-2024-38413

Name of the Vulnerable Software and Affected Versions oFono affected versions not specified Description This issue allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit...

PT-2023-30969 · Unknown · Availability Booking Calendar

Name of the Vulnerable Software and Affected Versions: Availability Booking Calendar version 5.0 Description: The issue concerns Multiple HTML Injection problems. These issues can be exploited via the SMS API Key or the Default Country Code. Recommendations: For Availability Booking Calendar...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability, which is caused by the disclosure of side channel information in the SMS service. The vulnerability can be exploited by an attacker to obtain sensitive...

Drupal SMS Framework Module Cross-Site Scripting Vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.SMS Framework is one of the modules that enables the SMS protocol. A cross-site scripting vulnerability exists in the Drupal SMS Framework module due to the program's failure to...