25 matches found
Astra Linux – Vulnerability in ofono
A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug occurs within the decodedeliver function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through SMS. There i...
Astra Linux – Vulnerability in ofono
A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug occurs within the decodestatusreport function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through SMS...
CVE-2026-44475
Ella Core is a 5G core designed for private networks. Prior to 1.10.0, Ella Core does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values. A malicious gNB can overwrite Ella Core's stored UE security capabilities for any UE with...
CVE-2026-44475 Ella Core: UE Security Capability bypass on NGAP PathSwitchRequest
Ella Core is a 5G core designed for private networks. Prior to 1.10.0, Ella Core does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values. A malicious gNB can overwrite Ella Core's stored UE security capabilities for any UE with...
Improperly Implemented Security Check for Standard
Overview Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard due to improper verification of UE Security Capabilities in the PathSwitchRequest messages. An attacker can alter stored security capabilities for any user equipment by sending a crafte...
PT-2026-39669
Name of the Vulnerable Software and Affected Versions Ella Core versions prior to 1.10.0 Description Ella Core, a 5G core for private networks, fails to verify UE Security Capabilities received in NGAP 'PathSwitchRequest' messages against locally stored values. This allows a malicious gNB to...
PT-2026-1366
Name of the Vulnerable Software and Affected Versions Modem affected versions not specified Description A flaw exists in Modem that may cause a system crash due to improper error handling. This could result in a remote denial of service if a User Equipment UE connects to a malicious base station...
PT-2026-1378
Name of the Vulnerable Software and Affected Versions Modem affected versions not specified Description A flaw exists in Modem that could lead to a remote denial of service. This occurs due to incorrect error handling when a user equipment UE connects to a malicious base station controlled by an...
PT-2025-44965
Name of the Vulnerable Software and Affected Versions Huawei Modem affected versions not specified Description The Huawei Modem contains a flaw where an incorrect bounds check can lead to an out-of-bounds write. This condition could allow for remote escalation of privilege if a User Equipment UE...
MediaTek Chipsets 安全漏洞
MediaTek Chipsets is a series of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets that stems from incorrect boundary checking, which could lead to out-of-bounds writes, and remote elevation of privilege if the user's device is connected to a...
EUVD-2023-34250
Malicious code in bioql PyPI...
EUVD-2023-54108
Malicious code in bioql PyPI...
EUVD-2023-54105
Malicious code in bioql PyPI...
CVE-2023-4233
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the smsdecodeaddressfield function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS...
CVE-2023-4233
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the smsdecodeaddressfield function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS...
CVE-2023-4235
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodedeliverreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...
DEBIAN-CVE-2023-4232
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodestatusreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...
CVE-2023-4232
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodestatusreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...
CVE-2023-4234
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodesubmitreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...
CVE-2023-4232
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodestatusreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...