CVE-2025-67448

The SMS module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to stored XSS. The application does not properly sanitize user input in SMS messages before storing and displaying them. An attacker can send an SMS containing a malicious XSS payload, which will be executed in the...

[SECURITY] Fedora 44 Update: spacebar-6.6.4-1.fc44

Spacebar is a telepathy-qt based SMS application that primarily targets Plasm a Mobile...

EUVD-2026-8846

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VeronaLabs WP SMS wp-sms allows SQL Injection.This issue affects WP SMS: from n/a through = 6.9.12...

CVE-2026-28136

CVE-2026-28136 concerns the WordPress WP SMS plugin up to version 6.9.12, with an SQL Injection vulnerability caused by improper neutralization of special elements in SQL commands. The issue affects WP SMS versions through 6.9.12 and can enable manipulation of database queries due to the vulnerab...

‘Signalgate’ Inspector General Report Wants Just One Change to Avoid a Repeat Debacle

The United States Inspector General report reviewing Secretary of Defense Pete Hegseth’s text messaging mess recommends a single change to keep classified material secure...

CVE-2025-12080

CVE-2025-12080 affects Google Messages for Wear OS when it is the default SMS/MMS/RCS app. The root cause is improper handling of ACTION_SENDTO intents using sms:, smsto:, mms:, and mmsto: URI schemes, enabling an attacker who can invoke an Android intent to covertly send messages on behalf of th...

EUVD-2018-6866

Malware in sbrugna...

EUVD-2007-4063

Malware in sbrugna...

HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands

Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay screens to display extortion messages. "A prominent characteristic of the latest variant is its capacity to deploy a full-screen ransomware overlay, which aims t...

CVE-2023-28208

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may send a text from a secondary eSIM despite configuring a contact to use a primary eSIM...

PT-2024-36755 · Ssl Wireless · Ssl Wireless Sms Notification

Name of the Vulnerable Software and Affected Versions: SSL Wireless SMS Notification versions n/a through 3.5.0 Description: The issue is related to an Incorrect Privilege Assignment vulnerability in SSL Wireless SMS Notification, which allows Privilege Escalation. Recommendations: For versions n...

UBUNTU-CVE-2024-22123

Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbixserver will try to communicate with it as modem. As a result, log file will be broken with AT commands and...

WordPress plugin Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugin Sender - Newsletter,...

UBUNTU-CVE-2023-4234

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodesubmitreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...

WordPress Plugin WP SMS Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

Google Makes it Tough for Rogue App Developers Get Back on Android Play Store

Even after Google's security oversight over its already-huge Android ecosystem has evolved over the years, malware apps still keep coming back to Google Play Store. Sometimes just reposting an already detected malware app from a newly created Play Store account, or using other developers' existin...

EvolveSMS (Text Messaging) - Customized SSL, Dangerous filesystem permissions, Hardcoded secrets vulnerabilities

HackApp vulnerability scanner discovered that application EvolveSMS Text Messaging published at the 'play' market has multiple vulnerabilities...

mysms SMS Text Messaging Sync - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application mysms SMS Text Messaging Sync published at the 'play' market has multiple vulnerabilities...

Google Android Local Elevation of Privilege Vulnerability (CNVD-2016-07436)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A local elevation of privilege vulnerability exists in SMS in Android. A local attacker can exploit this vulnerability to gain elevated privileges...

AST-2014-010: Remote crash when handling out of call message in certain dialplan configurations

Asterisk Project Security Advisory - AST-2014-010 Product Asterisk Summary Remote crash when handling out of call message in certain dialplan configurations Nature of Advisory Remotely triggered crash of Asterisk Susceptibility Remote authenticated sessions Severity Minor Exploits Known No Report...