Lucene search
K

1179 matches found

Nuclei
Nuclei
added 7 hours ago174 views

Telesquare TLR-2005KSH - Remote Command Execution

Telesquare Tlr-2005Ksh is a Sk Telecom Lte router from South Korea's Telesquare company.Telesquare TLR-2005Ksh versions 1.0.0 and 1.1.4 have an unauthorized remote command execution vulnerability. An attacker can exploit this vulnerability to execute system commands without authorization through...

8.8CVSS6.4AI score0.05848EPSS
Exploits8References5
NVD
NVD
added 3 days ago8 views

CVE-2026-15482

A weakness has been identified in Aster Telecom Azcall 10/11. This issue affects some unknown processing of the file /azcall/adm/gestaoloja/sis.php?t=consultar of the component HTTP Handler. Executing a manipulation of the argument nome/perfil/status can lead to sql injection. The attack may be...

7.5CVSS0.00254EPSS
Exploits0References4
CVE
CVE
added 3 days ago13 views

CVE-2026-15482

Summary: CVE-2026-15482 affects Aster Telecom Azcall 10/11. The vulnerability lies in the HTTP Handler’s processing of /azcall/adm/gestao_loja/sis.php?t=consultar, where manipulating the arguments nome, perfil, or status can trigger a SQL injection. The issue is exploitable remotely, and public e...

7.5CVSS6.7AI score0.00254EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-15482 Aster Telecom Azcall HTTP sis.php sql injection

A weakness has been identified in Aster Telecom Azcall 10/11. This issue affects some unknown processing of the file /azcall/adm/gestaoloja/sis.php?t=consultar of the component HTTP Handler. Executing a manipulation of the argument nome/perfil/status can lead to sql injection. The attack may be...

7.5CVSS0.00254EPSS
Exploits0References4
OSV
OSV
added 2026/07/02 4:6 p.m.5 views

EEF-CVE-2026-54891 Plaintext APPLICATION_DATA injected during TLS handshake delivered to client application post-handshake in ssl

Summary Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tls\gen\connection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server...

6.3CVSS5.8AI score0.00135EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/02 4:6 p.m.7 views

EUVD-2026-41412

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tlshandshake13:handlepresharedkey/3, an OfferedPreSharedKeys record with a...

8.2CVSS5.9AI score0.00487EPSS
Exploits0References7
OSV
OSV
added 2026/06/24 1:10 p.m.4 views

OESA-2026-2703 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Relative Path Traversal, Improper Isolation or...

2.3CVSS5.8AI score0.00461EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/23 1:9 a.m.6 views

[SECURITY] Fedora 44 Update: erlang-26.2.5.21-3.fc44

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson...

6.5CVSS5.8AI score0.00277EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/06/19 2:0 p.m.20 views

CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday urged Fortinet customers with FortiGate appliances to take steps to secure against ongoing malicious activity aimed at thousands of internet-accessible devices. The sweeping campaign, believed to be the work of...

6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/17 8:8 p.m.9 views

CVE-2026-49759

A flaw was found in Erlang OTP Open Telecom Platform erts, specifically within the inetdrv component. An unauthenticated remote attacker can exploit a stack-based buffer overflow vulnerability by sending a specially crafted Stream Control Transmission Protocol SCTP ERROR chunk. This can lead to a...

8.8CVSS5.3AI score0.00497EPSS
Exploits0References8
OSV
OSV
added 2026/06/10 4:17 p.m.10 views

UBUNTU-CVE-2026-48860

Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl inettlsdist module allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inettlsdist:checkip/1 function, which enforces a LAN allowlist for Erlang distribution over TLS, calls inet:sockname/1 instead...

7.5CVSS5.9AI score0.00194EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/10 2:35 p.m.13 views

EUVD-2026-36054

Observable Timing Discrepancy vulnerability in Erlang/OTP ssh sshauth, sshoptions modules allows unauthenticated remote username enumeration via timing side-channel in password authentication. When the SSH daemon is configured with the userpasswords or password option, sshauth:checkpassword/3...

6.3CVSS5.5AI score0.00354EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/10 2:35 p.m.33 views

CVE-2026-49760 Stack Buffer Overflow in ei_s_print_term at Very Large Integer

Stack-based Buffer Overflow vulnerability in Erlang OTP erlinterface allows Stack-based Buffer Overflow. This vulnerability is associated with program file lib/erlinterface/src/misc/eiprintterm.c and program routine eisprintterm. The C function eisprintterm uses an internal 2000-character stack...

6.9CVSS0.00136EPSS
Exploits0References5
OSV
OSV
added 2026/06/10 2:35 p.m.10 views

EEF-CVE-2026-49760 Stack Buffer Overflow in ei_s_print_term at Very Large Integer

Summary Stack-based Buffer Overflow vulnerability in Erlang OTP erl\interface allows Stack-based Buffer Overflow. This vulnerability is associated with program file lib/erl\interface/src/misc/ei\printterm.c and program routine ei\s\print\term. The C function ei\s\print\term uses an internal...

6.9CVSS5.7AI score0.00136EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.11 views

On-Chip Quantum Randomness Amplification

Randomness amplification, the task of extracting uniform private bits from biased seeds that may be partly known by a malicious third party, is of central importance in cryptography. The highest security in this task is provided by a class of quantum protocols known as device-independent, which...

5.3AI score
Exploits0
Cvelist
Cvelist
added 2026/06/09 4:2 p.m.52 views

CVE-2026-49841 FreeSWITCH: Pre-authentication heap buffer overflow in `mod_verto` HTTP POST body read

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, the modverto HTTP request handler allocates a fixed 2 MiB buffer for a POST...

9.8CVSS0.00394EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/06 6:43 p.m.10 views

CVE-2026-42790

A flaw was found in Erlang OTP publickey. This improper certificate validation vulnerability allows a subordinate Certificate Authority CA with restricted DNS nameConstraints to bypass these restrictions. By issuing a leaf certificate that lacks a Subject Alternative Name SAN but contains a craft...

8.1CVSS5.8AI score0.00338EPSS
Exploits0References10
CVE
CVE
added 2026/05/27 12:23 p.m.26 views

CVE-2026-42791

Summary: CVE-2026-42791 is an improper certificate validation weakness in Erlang OTP’s public_key/pubkey_ocsp module. OCSP response verification (pubkey_ocsp:verify_response/5 and pubkey_ocsp:is_authorized_responder/3) fails to enforce the validity period (notBefore/notAfter) of the OCSP responde...

6.3CVSS5.8AI score0.00316EPSS
Exploits0References6Affected Software1
The Hacker News
The Hacker News
added 2026/05/21 2:17 p.m.23 views

Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor

Cybersecurity researchers have disclosed details of a new Linux malware dubbed Showboat that has been put to use in a campaign targeting a telecommunications provider in the Middle East since at least mid-2022. "Showboat is a modular post-exploitation framework designed for Linux systems, capable...

9.8CVSS7.4AI score0.99999EPSS
Exploits63
HackRead
HackRead
added 2026/05/13 10:6 a.m.10 views

Why Canadian Telecom Providers Are Prime Targets for Cyberattacks

Canadian telecom providers face mounting cyber threats from ransomware, SIM swapping, data breaches, and nation-state attacks targeting critical infrastructure...

5.8AI score
Exploits0
Rows per page
Query Builder