Lucene search
+L

65 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:5 p.m.9 views

CVE-2021-37455

Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan stored...

5.4CVSS6.1AI score0.00589EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/09/01 12:0 a.m.18 views

PT-2023-13335 · Motorola Mobility +1 · Motorola Smartphones +1

Name of the Vulnerable Software and Affected Versions: Smartphone firmware affected versions not specified Description: In some cases, when a device is USB-tethered to a host PC and sharing its mobile network connection, originating a call on the device may cause the device's modem to reset,...

4.9CVSS4.4AI score0.00212EPSS
Exploits0References4
Prion
Prion
added 2022/12/22 8:15 p.m.27 views

Cross site request forgery (csrf)

When clicking on a tel: link, USSD codes, specified after a \ character, would be included in the phone number. On certain phones, or on certain carriers, if the number was dialed this could perform actions on a user's account, similar to a cross-site request forgery attack.This bug only affects...

6.8CVSS8AI score0.00364EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/15 12:0 a.m.7 views

The vulnerability of the SprdContactsProvider implementation in the Telephony component of Android operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SprdContactsProvider implementation in the Telephony component of Android operating systems is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker, acting remotely, to gain unauthorized access to protected...

6.5CVSS6.5AI score0.00296EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/07/13 7:15 p.m.7 views

CVE-2022-20217

There is a unauthorized broadcast in the SprdContactsProvider. A third-party app could use this issue to delete Fdn contact.Product: AndroidVersions: Android SoCAndroid ID: A-232441378...

6.5CVSS6.6AI score0.00296EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/07/06 12:0 a.m.4 views

PT-2022-4134 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: The issue is related to the SprdContactsProvider component in the Android Telephony system, which has weaknesses in its authorization mechanism. This could allow a remote attacker to ga...

6.5CVSS6.4AI score0.00296EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2022/06/15 1:15 p.m.5 views

CVE-2022-20134

In readArguments of CallSubjectDialog.java, there is a possible way to trick the user to call the wrong phone number due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.2AI score0.00113EPSS
Exploits0References2
HackRead
HackRead
added 2022/05/19 5:40 p.m.16 views

New Robo-Dialing Campaign Lets Users Prank Call Russian Bureaucrats

By Waqas If you want to prevent Russian officials from performing their government duties, theres a website that can fulfill… This is a post from HackRead.com Read the original post: New Robo-Dialing Campaign Lets Users Prank Call Russian Bureaucrats...

3.3AI score
Exploits0
CNVD
CNVD
added 2021/07/26 12:0 a.m.22 views

NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55887)

NCH Axon PBX is a set of virtual telephone switch software used in commercial environments. A cross-site scripting vulnerability exists in NCH Axon PBX, which stems from the failure of the product's outbound dialing plan to properly filter incoming data for special characters, which can be...

5.4CVSS3.2AI score0.00589EPSS
Exploits1References1
OSV
OSV
added 2021/07/25 9:15 p.m.3 views

CVE-2021-37455

Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan stored...

5.4CVSS6.1AI score0.00589EPSS
Exploits1References2
NVD
NVD
added 2021/07/25 9:15 p.m.11 views

CVE-2021-37455

Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan stored...

5.4CVSS0.00589EPSS
Exploits1References2
Prion
Prion
added 2021/07/25 9:15 p.m.11 views

Cross site scripting

Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan stored...

3.5CVSS5.3AI score0.00589EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/07/25 8:11 p.m.63 views

CVE-2021-37455

CVE-2021-37455 describes a stored cross-site scripting (XSS) vulnerability in NCH Axon PBX, affecting v2.22 and earlier. The issue arises in the outbound dialing plan, where user-supplied data is not properly filtered for special characters, enabling execution of client-side code. The connected s...

5.4CVSS5.3AI score0.00589EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/07/25 8:11 p.m.15 views

CVE-2021-37455

Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan stored...

5.5AI score0.00589EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/07/25 12:0 a.m.6 views

NCH Axon PBX 跨站脚本漏洞

NCH Axon PBX is a set of virtual telephone switch software used in commercial environments. A cross-site scripting vulnerability exists in NCH Axon PBX, which stems from the failure of the product's outbound dialing plan to properly filter incoming data for special characters, which can be...

5.4CVSS5.3AI score0.00589EPSS
Exploits1References3
Fedora
Fedora
added 2019/08/19 2:29 a.m.27 views

[SECURITY] Fedora 29 Update: mgetty-1.2.1-6.fc29

The mgetty package contains a "smart" getty which allows logins over a serial line i.e., through a modem. If you're using a Class 2 or 2.0 modem, mgetty can receive faxes. If you also need to send faxes, you'll need to install the sendfax program. If you'll be dialing in to your system using a...

5.5CVSS2.4AI score0.00835EPSS
Exploits0
CNVD
CNVD
added 2018/12/29 12:0 a.m.4 views

Orange Livebox Cross-Site Request Forgery Vulnerability (CNVD-2019-03335)

Orange Livebox is an ADSL Asymmetric Digital Subscriber Line modem. In Orange Livebox version 00.96.320S Firmware version 00.96.320S, Boot v0.70.03, Modem version 5.4.1.10.1.1A, Hardware version 02 and Arcadyan ARV7519RW22-A-L T VR9 version 1.2 and Arcadyan ARV7519RW22-A-L T VR9 1.2 versions, a...

5.8CVSS6.9AI score0.00412EPSS
Exploits1References1
Openbugbounty
Openbugbounty
added 2017/11/05 3:24 a.m.15 views

thetimenow.com XSS vulnerability

Open Bug Bounty ID: OBB-391556 Description| Value ---|--- Affected Website:| thetimenow.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

6.4AI score
Exploits0
Fedora
Fedora
added 2017/07/27 9:53 p.m.16 views

[SECURITY] Fedora 25 Update: minicom-2.7.1-1.fc25

Minicom is a simple text-based modem control and terminal emulation program somewhat similar to MSDOS Telix. Minicom includes a dialing directory, full ANSI and VT100 emulation, an external scripting language, and other features...

1.4AI score
Exploits0
Fedora
Fedora
added 2017/07/27 7:51 p.m.19 views

[SECURITY] Fedora 24 Update: minicom-2.7.1-1.fc24

Minicom is a simple text-based modem control and terminal emulation program somewhat similar to MSDOS Telix. Minicom includes a dialing directory, full ANSI and VT100 emulation, an external scripting language, and other features...

1.4AI score
Exploits0
Rows per page
Query Builder