29 matches found
EUVD-2025-19725
Malicious code in bioql PyPI...
EUVD-2025-19700
Malicious code in bioql PyPI...
EUVD-2025-19701
Malicious code in bioql PyPI...
EUVD-2025-19693
Malicious code in bioql PyPI...
CVE-2025-24334
The Nokia Single RAN baseband software earlier than 23R2-SR 1.0 MP can be made to reveal the exact software release version by sending a specific HTTP POST request through the Mobile Network Operator MNO internal RAN management network...
CVE-2025-24333
Nokia Single RAN baseband software earlier than 24R1-SR 1.0 MP contains administrative shell input validation fault, which authenticated admin user can, in theory, potentially use for injecting arbitrary commands for unprivileged baseband OAM service process execution via special characters added...
CVE-2025-24332
Nokia Single RAN AirScale baseband allows an authenticated administrative user access to all physical boards after performing a single login to the baseband system board. The baseband does not re-authenticate the user when they connect from the baseband system board to the baseband capacity board...
CVE-2025-24328
Sending a crafted SOAP "set" operation message within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause Nokia Single RAN baseband OAM service component restart with software versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected to...
The vulnerability of the OAM service of the Nokia Single RAN network management platform allows a attacker to cause a service failure.
The vulnerability of the OAM service of the Nokia Single RAN network management platform is related to buffer overflow in the stack. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the OAM service of the Nokia Single RAN network management platform allows a hacker to enhance their privileges.
The vulnerability of the OAM service of the Nokia Single RAN network management platform is related to incorrect restrictions on the path name to the catalog, leading to errors in privilege management. Exploiting this vulnerability can allow attackers to enhance their privileges...
CVE-2025-24329
Sending a crafted SOAP "provision" operation message archive field within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has bee...
CVE-2025-24334
The Nokia Single RAN baseband software earlier than 23R2-SR 1.0 MP can be made to reveal the exact software release version by sending a specific HTTP POST request through the Mobile Network Operator MNO internal RAN management network...
CVE-2025-24330
Sending a crafted SOAP "provision" operation message PlanId field within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has been...
CVE-2025-24335 SOAP message input validation fault could in theory cause OAM service resource exhaustion
Nokia Single RAN baseband software versions earlier than 24R1-SR 2.1 MP contain a SOAP message input validation flaw, which in theory could potentially be used for causing resource exhaustion in the Single RAN baseband OAM service. No practical exploit has been detected for this flaw. However, th...
CVE-2025-24335
CVE-2025-24335 affects Nokia Single RAN baseband software versions earlier than 24R1-SR 2.1 MP, where a SOAP message input validation flaw could potentially cause resource exhaustion of the OAM service. The issue has not been observed in the wild; Nokia reports the vulnerability is mitigated star...
CVE-2025-24335 SOAP message input validation fault could in theory cause OAM service resource exhaustion
Nokia Single RAN baseband software versions earlier than 24R1-SR 2.1 MP contain a SOAP message input validation flaw, which in theory could potentially be used for causing resource exhaustion in the Single RAN baseband OAM service. No practical exploit has been detected for this flaw. However, th...
CVE-2025-24334 The Nokia Single RAN baseband reveals its software version through the MNO internal RAN management network
The Nokia Single RAN baseband software earlier than 23R2-SR 1.0 MP can be made to reveal the exact software release version by sending a specific HTTP POST request through the Mobile Network Operator MNO internal RAN management network...
CVE-2025-24334
The Nokia Single RAN baseband software before 23R2-SR 1.0 MP is affected. An attacker can reveal the exact software release version by sending a specific HTTP POST request through the MNO internal RAN management network, leading to information disclosure. Remediation: upgrade to 23R2-SR 1.0 MP or...
CVE-2025-24330 OAM service path traversal issue caused by a crafted SOAP message PlanId field within the RAN management network
Sending a crafted SOAP "provision" operation message PlanId field within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has been...
CVE-2025-24329 OAM service path traversal issue caused by a crafted SOAP message archive field within the RAN management network
Sending a crafted SOAP "provision" operation message archive field within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has bee...