EUVD-2024-52197

Malicious code in bioql PyPI...

CVE-2024-53935

The com.callos14.callscreen.colorphone aka iCall OS17 - Color Phone Flash application through 4.3 for Android enables any application with no permissions to place phone calls without user interaction by sending a crafted intent via the com.callos14.callscreen.colorphone.DialerActivity component...

CVE-2024-53935

The com.callos14.callscreen.colorphone aka iCall OS17 - Color Phone Flash application through 4.3 for Android enables any application with no permissions to place phone calls without user interaction by sending a crafted intent via the com.callos14.callscreen.colorphone.DialerActivity component...

CVE-2024-53935

CVE-2024-53935 affects the Android app com.callos14.callscreen.colorphone (aka iCall OS17 - Color Phone Flash) ≤ 4.3. The vulnerability lies in the DialerActivity component, where a crafted intent can be sent by any application with no permissions to initiate phone calls without user interaction....

Galaxy studio apps iCall OS17 Color Phone Flash 安全漏洞

Galaxy studio apps iCall OS17 Color Phone Flash is a default dialer application from Galaxy studio apps, Inc. A security vulnerability exists in Galaxy studio apps iCall OS17 Color Phone Flash version 4.3 and earlier, which originates from a crafted intent that can be sent via the...

K16728: iCall privilege escalation vulnerability CVE-2015-3628

Security Advisory Description An authenticated user, with Resource Administrator role permissions, is able to use iCall scripts and associated handlers to create and modify user account properties. CVE-2015-3628 Impact An authenticated user with limited access Resource Administration may be able ...

Use the F5 ICall scripting mention the right vulnerability analysis(CVE-2 0 1 5-3 6 2 8)-vulnerability warning-the black bar safety net

Earlier this year, GDS in F5 BIG-IP LTM found a loophole, this loophole allows limited user access to the system after the extraction and at the mention of the right after the successful remote execution of the command. This article will show you how to manually take advantage of this...

F5 iControl - 'iCall::Script' Root Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'nokogiri' class Metasploit3 "http://schemas.xmlsoap.org/soap/encoding/" STRINGATTRS = 'xsi:type' = 'urn:Common.StringSequence',...

F5 BIG-IP - iCall privilege escalation vulnerability CVE-2015-3628

F5 BIG-IP is prone to a privilege escalation vulnerability SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/h:f5:big-ip"; if...

F5 Networks BIG-IP : iCall privilege escalation vulnerability (K16728)

An authenticated user, with Resource Administrator role permissions, is able to use iCall scripts and associated handlers to create and modify user account properties. CVE-2015-3628 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5...