Lucene search
K

25 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in ofono

A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug occurs within the decodedeliver function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through SMS. There i...

8.1CVSS7.1AI score0.0124EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in ofono

A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug occurs within the decodestatusreport function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through SMS...

8.1CVSS7.1AI score0.00947EPSS
Exploits1References2
NVD
NVD
added 2026/05/27 5:16 p.m.12 views

CVE-2026-44475

Ella Core is a 5G core designed for private networks. Prior to 1.10.0, Ella Core does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values. A malicious gNB can overwrite Ella Core's stored UE security capabilities for any UE with...

6.1CVSS0.00148EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 3:15 p.m.46 views

CVE-2026-44475 Ella Core: UE Security Capability bypass on NGAP PathSwitchRequest

Ella Core is a 5G core designed for private networks. Prior to 1.10.0, Ella Core does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values. A malicious gNB can overwrite Ella Core's stored UE security capabilities for any UE with...

6.1CVSS0.00148EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/11 3:29 p.m.3 views

Improperly Implemented Security Check for Standard

Overview Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard due to improper verification of UE Security Capabilities in the PathSwitchRequest messages. An attacker can alter stored security capabilities for any user equipment by sending a crafte...

6.1CVSS5.3AI score0.00148EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.14 views

PT-2026-39669

Name of the Vulnerable Software and Affected Versions Ella Core versions prior to 1.10.0 Description Ella Core, a 5G core for private networks, fails to verify UE Security Capabilities received in NGAP 'PathSwitchRequest' messages against locally stored values. This allows a malicious gNB to...

6.1CVSS6AI score0.00148EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.9 views

PT-2026-1366

Name of the Vulnerable Software and Affected Versions Modem affected versions not specified Description A flaw exists in Modem that may cause a system crash due to improper error handling. This could result in a remote denial of service if a User Equipment UE connects to a malicious base station...

7.5CVSS6.5AI score0.00234EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.6 views

PT-2026-1378

Name of the Vulnerable Software and Affected Versions Modem affected versions not specified Description A flaw exists in Modem that could lead to a remote denial of service. This occurs due to incorrect error handling when a user equipment UE connects to a malicious base station controlled by an...

7.5CVSS6.5AI score0.00253EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.8 views

PT-2025-44965

Name of the Vulnerable Software and Affected Versions Huawei Modem affected versions not specified Description The Huawei Modem contains a flaw where an incorrect bounds check can lead to an out-of-bounds write. This condition could allow for remote escalation of privilege if a User Equipment UE...

7.5CVSS7AI score0.00468EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/04 12:0 a.m.3 views

MediaTek Chipsets 安全漏洞

MediaTek Chipsets is a series of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets that stems from incorrect boundary checking, which could lead to out-of-bounds writes, and remote elevation of privilege if the user's device is connected to a...

7.5CVSS7AI score0.00468EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-34250

Malicious code in bioql PyPI...

8.1CVSS7.9AI score0.0124EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-54108

Malicious code in bioql PyPI...

8.1CVSS7.9AI score0.00936EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-54105

Malicious code in bioql PyPI...

8.1CVSS7.9AI score0.00947EPSS
Exploits1References1
NVD
NVD
added 2024/04/17 11:15 p.m.14 views

CVE-2023-4233

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the smsdecodeaddressfield function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS...

8.1CVSS8.1AI score0.01006EPSS
Exploits0References3
OSV
OSV
added 2024/04/17 11:15 p.m.8 views

CVE-2023-4233

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the smsdecodeaddressfield function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS...

8.1CVSS8.1AI score
Exploits0References3
OSV
OSV
added 2024/04/17 11:15 p.m.5 views

CVE-2023-4235

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodedeliverreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...

8.1CVSS8.1AI score
Exploits0References2
OSV
OSV
added 2024/04/17 11:15 p.m.2 views

DEBIAN-CVE-2023-4232

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodestatusreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...

8.1CVSS7.6AI score0.00947EPSS
Exploits1References1
OSV
OSV
added 2024/04/17 11:15 p.m.7 views

CVE-2023-4232

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodestatusreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...

8.1CVSS8.1AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/04/17 11:15 p.m.27 views

CVE-2023-4234

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodesubmitreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...

8.1CVSS7.1AI score0.01139EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2024/04/17 11:15 p.m.25 views

CVE-2023-4232

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodestatusreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...

8.1CVSS7.1AI score0.00947EPSS
Exploits1References3
Rows per page
Query Builder