62 matches found
CVE-2022-33248
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http...
Integer overflow
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http...
Qualcomm 芯片输入验证错误漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and is often fabricated on the surface of semiconductor wafers. A security vulnerability exists in the User Identity module of the Qualcomm chip...
CVE-2022-33248 Integer overflow to buffer overflow in User Identity Module
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http...
CVE-2022-33248
CVE-2022-33248: Memory corruption in Qualcomm's User Identity Module caused by an integer overflow leading to a buffer overflow when a segment is received via qmi http. Affected: Qualcomm chip components with a local attack vector and high impact (CVSS v3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H; b...
PT-2023-13260 · Unknown · User Identity Module
Name of the Vulnerable Software and Affected Versions: User Identity Module affected versions not specified Description: The issue is related to memory corruption in the User Identity Module due to an integer overflow that leads to a buffer overflow. This occurs when a segment is received via qmi...
ALPINE-CVE-2022-41860
In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash...
Malicious code in identity-module-miniapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c0542d6c493c3b6ae5639bba02c5e0ff7dde9a666fb7204e112c86bf4ddd9747 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3770 Malicious code in identity-module-miniapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c0542d6c493c3b6ae5639bba02c5e0ff7dde9a666fb7204e112c86bf4ddd9747 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Samsung mobile 安全漏洞
Samsung mobile is a cell phone from Samsung, South Korea. Samsung mobile low-battery dumpstate log is vulnerable to information disclosure due to a lack of protection of sensitive information in the low-battery dumpstate log. A local attacker could use this vulnerability to obtain SIM card...
Samsung mobile 日志信息泄露漏洞
Samsung Find My Mobile is an application to find a cell phone by the South Korean company Samsung Samsung. An information disclosure vulnerability exists in Samsung Find My Mobile prior to version 7.2.24.12, FmmExtraOperation. A local attacker with log access could exploit the vulnerability to...
CVE-2021-40018
The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality...
CVE-2021-40021
The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality...
Wokka Lokka Q50 信息泄露漏洞
The Wokka Lokka Q50 is a children's smartwatch from Wokka Lokka USA. The Wokka Lokka Q50 suffers from an information disclosure vulnerability that originates from allowing a remote attacker knowing the SIM phone number and passcode to listen to the device's surroundings via callbacks in SMS...
TK-Star Q90 Junior GPS horloge security vulnerability
TK-Star Q90 Junior GPS horloge is a Gps location tracker from TK-Star, China. A security vulnerability exists in the TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices, which can be exploited by an attacker to more easily use a SIM card by stealing the device...
Samsung Mobile Device Input Validation Error Vulnerability (CNVD-2020-29836)
Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An input validation error vulnerability exists in Samsung mobile devices that originates from a network system or product that does not properly validate incoming data and can be...
Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-33786)
Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An unspecified vulnerability exists in Samsung mobile devices, which can be exploited by attackers to bypass FRP with the help of a SIM card...
The vulnerability of the Qualcomm User Identity Module component in the Android operating system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Qualcomm User Identity Module component in the Android operating system arises from buffer overflows during the processing of responses from SIM cards. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility o...
The vulnerability of the USIM responder in the Android operating system from the CAF repository allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Android operating system from the CAF repository exists due to insufficient checking of input data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information during the processing of...
Google Android Qualcomm Component Unauthorized Operation Vulnerability (CNVD-2017-26834)
Android is a Linux-based open-source operating system developed by Google and the Open Handheld Alliance OHA, and Qualcomm closed-source components are among the closed-source components developed by Qualcomm. An input validation vulnerability exists in the USIM response handling process of the...