14 matches found
EUVD-2023-29153
Malicious code in bioql PyPI...
EUVD-2025-19693
Malicious code in bioql PyPI...
EUVD-2025-19725
Malicious code in bioql PyPI...
CVE-2025-24334
The Nokia Single RAN baseband software earlier than 23R2-SR 1.0 MP can be made to reveal the exact software release version by sending a specific HTTP POST request through the Mobile Network Operator MNO internal RAN management network...
CVE-2025-24330 OAM service path traversal issue caused by a crafted SOAP message PlanId field within the RAN management network
Sending a crafted SOAP "provision" operation message PlanId field within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has been...
CVE-2025-24330
CVE-2025-24330 affects Nokia Single RAN baseband software prior to 24R1-SR 1.0 MP. A crafted SOAP provision operation message with the PlanId field in the MNO internal RAN management network can cause a path traversal. The issue is mitigated in 24R1-SR 1.0 MP and later by input validations in the...
CVE-2025-24329 OAM service path traversal issue caused by a crafted SOAP message archive field within the RAN management network
Sending a crafted SOAP "provision" operation message archive field within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has bee...
CVE-2025-24328 OAM service stack overflow caused by crafted SOAP message within the MNO internal RAN management network
Sending a crafted SOAP "set" operation message within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause Nokia Single RAN baseband OAM service component restart with software versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected to...
PT-2025-27606 · Nokia · Nokia Single Ran Baseband Oam Service
Name of the Vulnerable Software and Affected Versions: Nokia Single RAN baseband OAM service component versions prior to 24R1-SR 1.0 MP Description: The issue occurs when a crafted SOAP "set" operation message is sent within the Mobile Network Operator MNO internal Radio Access Network RAN...
AI Granny Daisy takes up scammers’ time so they can’t bother you
A mobile network operator has called in the help of Artificial Intelligence AI in the battle against phone scammers. Virgin Media O2 in the UK has built an AI persona called Daisy with the sole purpose of keeping scammers occupied for as long as possible. Basically, until the scammers give up,...
CVE-2023-25189
Summary: CVE-2023-25189 is an information-disclosure vulnerability affecting Nokia BTS Web Element Manager, enabling mobile network operator personnel to read BTS service operation details performed by Nokia Care personnel via SSH, regardless of their access privileges. Affected component: BTS We...
New API Lets App Developers Authenticate Users via SIM Cards
Online account creation poses a challenge for engineers and system architects: if you put up too many barriers, you risk turning away genuine users. Make it too easy, and you risk fraud or fake accounts. The Problem with Identity Verification The traditional model of online identity –...
Cell Phone Location Privacy
We all know that our cell phones constantly give our location away to our mobile network operators; that’s how they work. A group of researchers has figured out a way to fix that. “Pretty Good Phone Privacy” PGPP protects both user identity and user location using the existing cellular networks. ...
Innovation Driven by Operational Experience and Engineering Insight Deters NXNS Attacks
DNS and security have had a long and tangled relationship. The DNS has always been an attractive target since it's a network leverage point. At DNS OARC 30 in Bangkok in 2019, Akamai's Ralf Weber did a presentation called DNS Security: Past, Present, and Future It's Not Easy covering numerous DNS...