Lucene search
+L

62 matches found

NVD
NVD
added 2023/02/12 4:15 a.m.28 views

CVE-2022-33248

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http...

7.8CVSS8AI score0.00125EPSS
Exploits0References1
Prion
Prion
added 2023/02/12 4:15 a.m.26 views

Integer overflow

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http...

4.3CVSS7.9AI score0.00125EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/02/12 12:0 a.m.7 views

Qualcomm 芯片输入验证错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and is often fabricated on the surface of semiconductor wafers. A security vulnerability exists in the User Identity module of the Qualcomm chip...

7.8CVSS7.7AI score0.00125EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/09 6:58 a.m.37 views

CVE-2022-33248 Integer overflow to buffer overflow in User Identity Module

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http...

7.8CVSS8.2AI score0.00125EPSS
Exploits0References1
CVE
CVE
added 2023/02/09 6:58 a.m.101 views

CVE-2022-33248

CVE-2022-33248: Memory corruption in Qualcomm's User Identity Module caused by an integer overflow leading to a buffer overflow when a segment is received via qmi http. Affected: Qualcomm chip components with a local attack vector and high impact (CVSS v3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H; b...

7.8CVSS8AI score0.00125EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/02/09 12:0 a.m.7 views

PT-2023-13260 · Unknown · User Identity Module

Name of the Vulnerable Software and Affected Versions: User Identity Module affected versions not specified Description: The issue is related to memory corruption in the User Identity Module due to an integer overflow that leads to a buffer overflow. This occurs when a segment is received via qmi...

7.8CVSS7.5AI score0.00125EPSS
Exploits0References4
OSV
OSV
added 2023/01/17 6:15 p.m.3 views

ALPINE-CVE-2022-41860

In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash...

7.5CVSS7.1AI score0.01171EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:14 p.m.4 views

Malicious code in identity-module-miniapp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c0542d6c493c3b6ae5639bba02c5e0ff7dde9a666fb7204e112c86bf4ddd9747 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:14 p.m.7 views

MAL-2022-3770 Malicious code in identity-module-miniapp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c0542d6c493c3b6ae5639bba02c5e0ff7dde9a666fb7204e112c86bf4ddd9747 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
CNNVD
CNNVD
added 2022/06/07 12:0 a.m.4 views

Samsung mobile 安全漏洞

Samsung mobile is a cell phone from Samsung, South Korea. Samsung mobile low-battery dumpstate log is vulnerable to information disclosure due to a lack of protection of sensitive information in the low-battery dumpstate log. A local attacker could use this vulnerability to obtain SIM card...

3.3CVSS5.5AI score0.00085EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/06/07 12:0 a.m.4 views

Samsung mobile 日志信息泄露漏洞

Samsung Find My Mobile is an application to find a cell phone by the South Korean company Samsung Samsung. An information disclosure vulnerability exists in Samsung Find My Mobile prior to version 7.2.24.12, FmmExtraOperation. A local attacker with log access could exploit the vulnerability to...

3.3CVSS5.6AI score0.00204EPSS
Exploits0References3
OSV
OSV
added 2022/01/10 2:10 p.m.4 views

CVE-2021-40018

The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality...

7.5CVSS7.1AI score0.00672EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/01/10 2:10 p.m.4 views

CVE-2021-40021

The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality...

7.5CVSS7.1AI score0.00672EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/12/01 12:0 a.m.4 views

Wokka Lokka Q50 信息泄露漏洞

The Wokka Lokka Q50 is a children's smartwatch from Wokka Lokka USA. The Wokka Lokka Q50 suffers from an information disclosure vulnerability that originates from allowing a remote attacker knowing the SIM phone number and passcode to listen to the device's surroundings via callbacks in SMS...

9.3CVSS7.8AI score0.01041EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/02/01 12:0 a.m.9 views

TK-Star Q90 Junior GPS horloge security vulnerability

TK-Star Q90 Junior GPS horloge is a Gps location tracker from TK-Star, China. A security vulnerability exists in the TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices, which can be exploited by an attacker to more easily use a SIM card by stealing the device...

6.8CVSS6.7AI score0.00394EPSS
Exploits0References3
CNVD
CNVD
added 2020/03/25 12:0 a.m.4 views

Samsung Mobile Device Input Validation Error Vulnerability (CNVD-2020-29836)

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An input validation error vulnerability exists in Samsung mobile devices that originates from a network system or product that does not properly validate incoming data and can be...

4.6CVSS6.6AI score0.00134EPSS
Exploits0References1
CNVD
CNVD
added 2020/03/25 12:0 a.m.6 views

Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-33786)

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An unspecified vulnerability exists in Samsung mobile devices, which can be exploited by attackers to bypass FRP with the help of a SIM card...

6.8CVSS6.5AI score0.00141EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2018/07/19 12:0 a.m.6 views

The vulnerability of the Qualcomm User Identity Module component in the Android operating system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Qualcomm User Identity Module component in the Android operating system arises from buffer overflows during the processing of responses from SIM cards. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility o...

10CVSS5.7AI score0.01354EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2017/09/01 12:0 a.m.7 views

The vulnerability of the USIM responder in the Android operating system from the CAF repository allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Android operating system from the CAF repository exists due to insufficient checking of input data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information during the processing of...

10CVSS7.8AI score0.00836EPSS
Exploits0References3
CNVD
CNVD
added 2017/08/19 12:0 a.m.4 views

Google Android Qualcomm Component Unauthorized Operation Vulnerability (CNVD-2017-26834)

Android is a Linux-based open-source operating system developed by Google and the Open Handheld Alliance OHA, and Qualcomm closed-source components are among the closed-source components developed by Qualcomm. An input validation vulnerability exists in the USIM response handling process of the...

10CVSS9.3AI score0.00836EPSS
Exploits0References1
Rows per page
Query Builder