CVE-2025-10184

CVE-2025-10184 (OnePlus OxygenOS Telephony provider permission bypass) affects OnePlus OxygenOS on multiple devices, via three content providers: com.android.providers.telephony.PushMessageProvider, PushShopProvider and ServiceNumberProvider. Root cause: missing write permissions on these provide...

CVE-2022-23835

The Visual Voice Mail VVM application through 2022-02-24 for Android allows persistent access if an attacker temporarily controls an application that has the READSMS permission, and reads an IMAP credentialing message that is by design not displayed to the victim within the AOSP SMS/MMS messaging...

CVE-2022-23835

The Visual Voice Mail VVM application through 2022-02-24 for Android allows persistent access if an attacker temporarily controls an application that has the READSMS permission, and reads an IMAP credentialing message that is by design not displayed to the victim within the AOSP SMS/MMS messaging...

Zerodium is paying $2 million for Apple iOS remote jailbreak

By Waqas Zerodium, an infosec and premium zero-day acquisition platform known for selling zero-day exploits to governments has announced that it will be paying a huge amount of money to buy iOS remote jailbreak and exploits related to WhatsApp, iMessage, or SMS/MMS. See: Zerodium uses Twitter to...

Mood Messenger - SMS & MMS - Base64 encoded String, Exported ContentProvider, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Mood Messenger - SMS & MMS published at the 'play' market has multiple vulnerabilities...

CVE-2015-3840

The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITESMS" permission...

SMS MMS Messenger - ContentProvider mode not defined, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application SMS MMS Messenger published at the 'play' market has multiple vulnerabilities...

SMS MMS Search for Tasker - Exported components, SD-card access vulnerabilities

HackApp vulnerability scanner discovered that application SMS MMS Search for Tasker published at the 'play' market has multiple vulnerabilities...

Schedule SMS MMS EMAIL - Base64 encoded String, External URLs, SD-card access vulnerabilities

HackApp vulnerability scanner discovered that application Schedule SMS MMS EMAIL published at the 'play' market has multiple vulnerabilities...

PhoneLeash: SMS/MMS forwarding - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application PhoneLeash: SMS/MMS forwarding published at the 'play' market has multiple vulnerabilities...

Now SMS/MMS Gateway Buffer Overflow

No description provided by source. $Id: nowsms.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Symbian S60 Malformed SMS/MMS Remote Denial Of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33072/info Symbian S60 is prone to a denial-of-service vulnerability. Attackers can exploit this issue to prevent users from sending or receiving SMS or MMS messages. This issue affects handsets using Symbian S60. The...

Now SMS/MMS Gateway 5.5 - Remote Buffer Overflow Exploit

No description provided by source. / Dreatica-FXP crew ---------------------------------------- Target : Now SMS/MMS Gateway v5.5 and others ---------------------------------------- Exploit : Now SMS/MMS Gateway v5.5 Remote Buffer Overflow Exploit Exploit date : 14.04.2008 Exploit writer : Hereti...

Design/Logic Flaw

The Multimedia Messaging Centre MMSC in NowSMS Now SMS & MMS Gateway 2013.09.26 allows remote attackers to cause a denial of service via a malformed message to a MM4 connection...

CVE-2013-7000

CVE-2013-7000 affects the Multimedia Messaging Centre (MMSC) in NowSMS Now SMS & MMS Gateway 2013.09.26. The vulnerability allows remote attackers to cause a denial of service by sending a malformed MM4 message over the MM4 connection, impacting availability. Affected component: MMSC in NowSMS. R...

CVE-2013-7001

CVE-2013-7001 concerns NowSMS Now SMS & MMS Gateway prior to 2013.11.15. The MMSC may trigger a denial of service when processing a malformed MM1 message that is routed to a MM4 or MM7 connection. Affected component: Multimedia Messaging Centre (MMSC) in NowSMS gateway. Underlying cause: malforme...

CVE-2011-4863

The Tencent QQPimSecure com.tencent.qqpimsecure application 3.0.2 for Android does not properly protect data, which allows remote attackers to read or modify SMS/MMS messages and a contact list via a crafted application...

viaExtract - Forensic tool for Android devices released

viaExtract - Forensic tool for Android devices released Android Forensics is now easier, faster and more powerful than ever. viaForensics has released viaExtract – Android Logical, a powerful analysis and reporting tool for Android smart phones and devices.Expanding on our popular AFLogical...

Now SMS/Mms Gateway - Remote Buffer Overflow (Metasploit)

$Id: nowsms.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ requir...

Now SMS/MMS Gateway Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Now SMS/MMS...