CVE-2026-24767

NocoDB CVE-2026-24767 describes a blind SSRF in uploadViaURL prior to version 0.301.0, where an unprotected HEAD request during metadata retrieval can trigger outbound requests before SSRF controls apply. The vulnerability affects the metadata stage of uploadViaURL, with the subsequent file fetch...

EUVD-2018-13130

Malware in sbrugna...

EUVD-2017-9759

Malware in sbrugna...

Call centres. Outbound call verification

TL;DR: Stop asking customers to verify themselves Reduce friction and annoyance Empower your staff to be more effective Develop an alternative model that works best for you I’m sure we’ve all experienced authenticating ourselves when calling a company. You have a hopefully trusted contact number,...

CVE-2019-20470

An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It performs actions based on certain SMS commands. This can be used to set up a voice communication channel from the watch to any telephone number, initiated by sending a specific SMS and using the default password,...

CVE-2019-20470

The TK-Star Q90 Junior GPS watch (firmware 3.1042.9.8656) is affected by CVE-2019-20470 and CVE-2019-20471. A default administrative password (123456) is used at initial setup and there is no prompt to change it. An SMS with the proper password, e.g., pw,,call,, can trigger the watch to initiate ...

CVE-2017-18668

An issue was discovered on Samsung mobile devices with M6.0 software. Attackers can prevent users from making outbound calls and sending outbound text messages. The Samsung ID is SVE-2017-8706 June 2017...

CVE-2017-18668

An issue was discovered on Samsung mobile devices with M6.0 software. Attackers can prevent users from making outbound calls and sending outbound text messages. The Samsung ID is SVE-2017-8706 June 2017...

Code injection

An issue was discovered on Samsung mobile devices with M6.0 software. Attackers can prevent users from making outbound calls and sending outbound text messages. The Samsung ID is SVE-2017-8706 June 2017...

CVE-2017-18668

CVE-2017-18668 affects Samsung mobile devices running Android M (6.0) software. The records indicate the vulnerability allows an attacker to prevent users from making outbound calls and sending outbound text messages, linked to Samsung ID SVE-2017-8706. The available documents do not specify the ...

CVE-2017-18668

An issue was discovered on Samsung mobile devices with M6.0 software. Attackers can prevent users from making outbound calls and sending outbound text messages. The Samsung ID is SVE-2017-8706 June 2017...

CVE-2018-20576

Orange Livebox 00.96.320S devices allow cgi-bin/autodialing.exe and cgi-bin/phonetest.exe CSRF, leading to arbitrary outbound telephone calls to an attacker-specified telephone number. This is related to Firmware 01.11.2017-11:43:44, Boot v0.70.03, Modem 5.4.1.10.1.1A, Hardware 02, and Arcadyan...

CVE-2018-20576

Orange Livebox 00.96.320S devices allow cgi-bin/autodialing.exe and cgi-bin/phonetest.exe CSRF, leading to arbitrary outbound telephone calls to an attacker-specified telephone number. This is related to Firmware 01.11.2017-11:43:44, Boot v0.70.03, Modem 5.4.1.10.1.1A, Hardware 02, and Arcadyan...

CVE-2018-20576

CVE-2018-20576 affects Orange Livebox 00.96.320S devices (firmware 00.96.320S; boot v0.70.03; modem 5.4.1.10.1.1A; hardware 02; Arcadyan ARV7519RW22-A-L T VR9 1.2). The issue is a CSRF in cgi-bin/autodialing.exe and cgi-bin/phone_test.exe, enabling an attacker to cause arbitrary outbound telephon...

asterisk -- multiple vulnerabilities

Asterisk project reports: Asterisk Manager User Unauthorized Shell Access ACL rules ignored when placing outbound calls by certain IAX2 users...