73 matches found
CVE-2023-25185
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. A mobile network solution internal fault was found in Nokia Single RAN software releases. Certain software processes in the BTS internal software design have unnecessarily high privileges to BTS embedded operating syst...
EUVD-2025-19702
Malicious code in bioql PyPI...
EUVD-2025-19693
Malicious code in bioql PyPI...
EUVD-2025-19725
Malicious code in bioql PyPI...
EUVD-2025-19700
Malicious code in bioql PyPI...
EUVD-2025-19701
Malicious code in bioql PyPI...
EUVD-2023-29149
Malicious code in bioql PyPI...
CVE-2025-24335
Nokia Single RAN baseband software versions earlier than 24R1-SR 2.1 MP contain a SOAP message input validation flaw, which in theory could potentially be used for causing resource exhaustion in the Single RAN baseband OAM service. No practical exploit has been detected for this flaw. However, th...
CVE-2025-24331
The Single RAN baseband OAM service is intended to run as an unprivileged service. However, it initially starts with root privileges and assigns certain capabilities before dropping to an unprivileged level. The capabilities retained from the root period are considered extensive after the privile...
CVE-2025-24332
Nokia Single RAN AirScale baseband allows an authenticated administrative user access to all physical boards after performing a single login to the baseband system board. The baseband does not re-authenticate the user when they connect from the baseband system board to the baseband capacity board...
CVE-2025-24334
The Nokia Single RAN baseband software earlier than 23R2-SR 1.0 MP can be made to reveal the exact software release version by sending a specific HTTP POST request through the Mobile Network Operator MNO internal RAN management network...
CVE-2025-24333
Nokia Single RAN baseband software earlier than 24R1-SR 1.0 MP contains administrative shell input validation fault, which authenticated admin user can, in theory, potentially use for injecting arbitrary commands for unprivileged baseband OAM service process execution via special characters added...
CVE-2025-24328
Sending a crafted SOAP "set" operation message within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause Nokia Single RAN baseband OAM service component restart with software versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected to...
The vulnerability of the OAM service of the Nokia Single RAN network management platform allows a attacker to execute arbitrary commands.
The vulnerability of the OAM service of the Nokia Single RAN network management platform lies in the lack of measures taken to clean data at the management level during the processing of the COMAconfig.xml file. Exploiting this vulnerability allows an attacker to execute arbitrary commands...
The vulnerability of the OAM service of the Nokia Single RAN network management platform allows a hacker to enhance their privileges.
The vulnerability of the OAM service of the Nokia Single RAN network management platform is related to incorrect restrictions on the path name to the catalog, leading to errors in privilege management. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the OAM service of the Nokia Single RAN network management platform allows a attacker to cause a service failure.
The vulnerability of the OAM service of the Nokia Single RAN network management platform is related to buffer overflow in the stack. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
CVE-2025-24335
Nokia Single RAN baseband software versions earlier than 24R1-SR 2.1 MP contain a SOAP message input validation flaw, which in theory could potentially be used for causing resource exhaustion in the Single RAN baseband OAM service. No practical exploit has been detected for this flaw. However, th...
CVE-2025-24329
Sending a crafted SOAP "provision" operation message archive field within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has bee...
CVE-2025-24334
The Nokia Single RAN baseband software earlier than 23R2-SR 1.0 MP can be made to reveal the exact software release version by sending a specific HTTP POST request through the Mobile Network Operator MNO internal RAN management network...
CVE-2025-24330
Sending a crafted SOAP "provision" operation message PlanId field within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has been...