MAL-2025-3695 Malicious code in poc-malicious-sim (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 492ab8807d8b13a8c7f47cccea0091ee128f7f8874756d736d2e50dd46d1ad07 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in poc-sim (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8bc002dd617428d821e25cfa749908affae826cf40db7db85821cb7e344418ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3697 Malicious code in poc-sim (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8bc002dd617428d821e25cfa749908affae826cf40db7db85821cb7e344418ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in web-sim-control (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8d3b8a674300adbbebf266b874c5c0505e514bace39bd005a46f18525cd3eb16 The OpenSSF Package Analysis project identified 'web-sim-control' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2025-3222 Malicious code in web-sim-control (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8d3b8a674300adbbebf266b874c5c0505e514bace39bd005a46f18525cd3eb16 The OpenSSF Package Analysis project identified 'web-sim-control' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

The vulnerability of the SimToolKit tool in the OFono mobile phone stack allows a perpetrator to execute arbitrary code.

The vulnerability of the SimToolKit tool in the OFono mobile phone stack lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code...

Security update for zvbi

This update for zvbi fixes the following issues: CVE-2025-2173: Fixed check on srclength to avoid an unitinialized heap read bsc1239222. CVE-2025-2174: Fixed integer overflow leading to heap overflow in src/conv.c, src/io-sim.c, src/search.c bsc1239299. CVE-2025-2175: Fixed integer overflow in...

SUSE CVE-2025-2176

A vulnerability classified as critical has been found in libzvbi up to 0.2.43. This affects the function vbicapturesimloadcaption of the file src/io-sim.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

UBUNTU-CVE-2025-2176

A vulnerability classified as critical has been found in libzvbi up to 0.2.43. This affects the function vbicapturesimloadcaption of the file src/io-sim.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

Farewell to the Fallen: The Cybersecurity Stars We Lost Last Year

It's time once again to pay our respects to the once-famous cybersecurity solutions whose usefulness died in the past year. The cybercriminal world collectively mourns the loss of these solutions and the easy access they provide to victim organizations. These solutions, though celebrated in their...

The vulnerability of the Linux operating system’s kernel component “sim”, which allows a hacker to cause a service failure

The vulnerability of the Linux operating system’s kernel component “sim” is related to a memory leak in the “gpiosimremovehogs” function. Exploiting this vulnerability can allow an attacker to cause a system failure...

Hacker in Snowflake Extortions May Be a U.S. Soldier

Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake , but a third suspect -- a prolific hacker known as Kiberphant0m -- remains at large and continues to publicly extort victims. However, this person's...

CVE-2019-20472

An issue was discovered on One2Track 2019-12-08 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a "Remove PIN and restart!" message, and cannot be used. This makes it easier for an attacker to use the SIM card by stealing...

CVE-2019-20472

An issue was discovered on One2Track 2019-12-08 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a "Remove PIN and restart!" message, and cannot be used. This makes it easier for an attacker to use the SIM card by stealing...

CVE-2019-20472

An issue was discovered on One2Track 2019-12-08 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a "Remove PIN and restart!" message, and cannot be used. This makes it easier for an attacker to use the SIM card by stealing...

CVE-2019-20472

The CVE-2019-20472 issue affects One2Track devices (2019-12-08). It describes a PIN configuration problem where a SIM card cannot be configured with a PIN; if a PIN is configured, the device responds with a “Remove PIN and restart!” message and becomes unusable. This behavior can enable easier un...

CVE-2024-33031

Memory corruption while processing the update SIM PB records request...

CVE-2024-33031

CVE-2024-33031 concerns memory corruption in Qualcomm chipsets, attributed to the Radio Interface Layer (RIL) when processing the update SIM PB records request. The CVE is described as an improper input validation bug in RIL, with a CVSSv3.1 base score of 6.7 (Medium). The impact is listed as hig...

CVE-2024-33031 Improper Input Validation in RIL

Memory corruption while processing the update SIM PB records request...

CVE-2024-33031 Improper Input Validation in RIL

Memory corruption while processing the update SIM PB records request...