Lucene search
+L

120 matches found

CVE
CVE
added 2022/03/25 10:32 a.m.102 views

CVE-2021-44751

The CVE describes a vulnerability in the F-Secure SAFE browser where a malicious website containing USSD code via JavaScript or an iframe can trigger the browser’s dialer. This could allow an attacker to send USSD messages or initiate calls. The impact notes that on most modern Androids the diale...

5.3CVSS4.8AI score0.00553EPSS
Exploits0References1Affected Software1
Mozilla
Mozilla
added 2022/02/08 12:0 a.m.403 views

Security Vulnerabilities fixed in Firefox 97 — Mozilla

A Time-of-Check Time-of-Use bug existed in the Maintenance Updater Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.This bug only affects Firefox on Windows. Other operating systems are unaffected. If a user...

9.6CVSS0.3AI score0.00926EPSS
Exploits2References13Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/02/08 12:0 a.m.37 views

Mozilla Firefox < 97.0

The version of Firefox installed on the remote Windows host is prior to 97.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-04 advisory. - Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firef...

9.6CVSS7.9AI score0.00926EPSS
Exploits2References13
NVD
NVD
added 2020/07/17 10:15 p.m.23 views

CVE-2019-12000

HPE has found a potential Remote Access Restriction Bypass in HPE MSE Msg Gw application E-LTU prior to version 3.2 when HTTPS is used between the USSD and an external USSD service logic application. Update to version 3.2 and update the HTTPS configuration as described in the HPE MSE Messaging...

6.6CVSS0.01147EPSS
Exploits0References1
CVE
CVE
added 2020/07/17 9:12 p.m.43 views

CVE-2019-12000

CVE-2019-12000 relates to the HPE MSE Msg Gw application E-LTU prior to version 3.2, where a potential Remote Access Restriction Bypass exists when HTTPS is used between the USSD and an external USSD service logic application. Affected component: HPE MSE Messaging Gateway (E-LTU); root cause: ins...

6.6CVSS6.6AI score0.01147EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/05/11 4:15 p.m.19 views

CVE-2020-12745

An issue was discovered on Samsung mobile devices with Q10.0 software. Attackers can bypass the locked-state protection mechanism and access clipboard content via USSD. The Samsung ID is SVE-2019-16556 May 2020...

7.5CVSS7.7AI score0.00428EPSS
Exploits0References1
Prion
Prion
added 2020/05/11 4:15 p.m.15 views

Design/Logic Flaw

An issue was discovered on Samsung mobile devices with Q10.0 software. Attackers can bypass the locked-state protection mechanism and access clipboard content via USSD. The Samsung ID is SVE-2019-16556 May 2020...

5CVSS7.7AI score0.00428EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/05/11 3:5 p.m.56 views

CVE-2020-12745

CVE-2020-12745 affects Samsung mobile devices running Q(10.0). The issue enables bypass of the locked-state protection to read clipboard content via USSD. The root cause is described as a protection bypass, but no further technical details or affected versions are provided in the connected docume...

7.5CVSS7.6AI score0.00428EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/05/11 3:5 p.m.20 views

CVE-2020-12745

An issue was discovered on Samsung mobile devices with Q10.0 software. Attackers can bypass the locked-state protection mechanism and access clipboard content via USSD. The Samsung ID is SVE-2019-16556 May 2020...

7.7AI score0.00428EPSS
Exploits0References1
NVD
NVD
added 2020/04/08 6:15 p.m.27 views

CVE-2018-21078

An issue was discovered on Samsung mobile devices with M6.0, N7.x, and O8.0 software. The Contacts application allows attackers to originate video calls because SS Supplementary Service and USSD Unstructured Supplementary Service Data codes are improperly secured. The Samsung ID is SVE-2018-11469...

7.5CVSS7.6AI score0.00346EPSS
Exploits0References1
Prion
Prion
added 2020/04/08 6:15 p.m.18 views

Design/Logic Flaw

An issue was discovered on Samsung mobile devices with M6.0, N7.x, and O8.0 software. The Contacts application allows attackers to originate video calls because SS Supplementary Service and USSD Unstructured Supplementary Service Data codes are improperly secured. The Samsung ID is SVE-2018-11469...

5CVSS7.6AI score0.00346EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/05/02 3:29 p.m.22 views

Design/Logic Flaw

The NotificationBroadcastReceiver class in the com.android.phone process in Google Android 4.1.1 through 4.4.2 allows attackers to bypass intended access restrictions and consequently make phone calls to arbitrary numbers, send mmi or ussd codes, or hangup ongoing calls via a crafted application...

6.8CVSS7AI score0.01473EPSS
Exploits1References5Affected Software1
hackapp
hackapp
added 2016/12/27 6:38 a.m.16 views

SIM Info/USSD/Recharge Offers - Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application SIM Info/USSD/Recharge Offers published at the 'play' market has multiple vulnerabilities...

1.7AI score
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2014/07/09 4:11 p.m.15 views

Android Exploited to Make, End Phone Calls; Send USSD Codes

A pair of vulnerabilities in all but the newest KitKat iteration of Google’s Android operating system could let a malicious or rogue application exceed its permission level in order to make phone calls, hang up phone calls, or send USSD or MMI codes. Marco Lux and Pedro Umbelino of Curesec claim...

0.3AI score
Exploits0References1
The Hacker News
The Hacker News
added 2014/07/08 1:48 a.m.29 views

Android Vulnerability Allows Applications to Make Unauthorized Calls without Permissions

A major vulnerability believed to be present in most versions of Android can allow a malicious Android applications on the Android app store to make phone calls on a user’s device, even when they lack the necessary permissions. The critical vulnerability was identified and reported to Google Inc...

7.6AI score0.01473EPSS
Exploits1
The Hacker News
The Hacker News
added 2014/02/24 9:13 p.m.18 views

First Tor-Based Android Malware Spotted in the Wild

We use our Smartphone devices to do almost everything, from Internet Banking to Sharing private files and at the same pace, the mobile malware sector is also growing. The number of variants of malicious software aimed at mobile devices has reportedly risen about 185% in less than a year. Security...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2013/05/23 8:37 p.m.14 views

New Android malware forwards incoming messages to hacker

A new type of Android malware that can intercept text messages and forwarding to hackers is discovered by the Russian firm Doctor Web. This is a very serious threat to users, because using this malware attackers can easily get two factor authentication code of your Email or bank accounts. The...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2013/05/23 9:37 a.m.12 views

New Android malware forwards incoming messages to hacker

A new type of Android malware that can intercept text messages and forwarding to hackers is discovered by the Russian firm Doctor Web. This is a very serious threat to users, because using this malware attackers can easily get two factor authentication code of your Email or bank accounts. The...

7.1AI score
Exploits0
myhack58
myhack58
added 2012/09/28 12:0 a.m.31 views

Line of code let the Samsung galaxy do Factory Reset-vulnerability warning-the black bar safety net

SAMSUNG including the GALAXY S3 and other models of the smart phone there is a serious security vulnerability, a line of USSD code can be formatted the phone and even damage the SIM card! The current is determined there is a problem of the phone as follows: Galaxy S3, Galaxy S2, Galaxy Ace, Galax...

0.2AI score
Exploits0
ThreatPost
ThreatPost
added 2012/09/26 4:40 p.m.21 views

Samsung Fixes Remote Wipe Flaw in Galaxy S III Smartphones

Smartphone developer Samsung has reportedly fixed a flaw in one of its newest phones, the Galaxy S III, that allows attackers to remotely wipe the phone’s contents. The patch addresses a flaw presented at the Ekoparty Security Conference in Argentina late last week that showed how easy it was to...

1.5AI score
Exploits0References5
Rows per page
Query Builder