90 matches found
CVE-2025-47383
CVE-2025-47383 describes a weak configuration that may cause a cryptographic issue when a VoWiFi call is triggered from UE. Connected records repeat the description and list a CVSS v3.1 base score of 7.2 (HIGH) with NETWORK attack vector, low attack complexity, and high impact on confidentiality,...
EUVD-2024-54631
Malicious code in bioql PyPI...
EUVD-2024-19662
Malicious code in bioql PyPI...
EUVD-2025-25107
Malicious code in bioql PyPI...
EUVD-2023-42270
Malicious code in bioql PyPI...
EUVD-2023-38061
Malicious code in bioql PyPI...
CVE-2025-31715
In vowifi service, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed...
CVE-2025-31715
In vowifi service, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed...
CVE-2025-31715
CVE-2025-31715 affects the vowifi service. Root cause: improper input validation enabling a command injection. Impact: remote escalation of privilege with no additional privileges required; confidentiality/ integrity/availability all high. CVSS v3.1 base score 9.8 (Network, Low complexity, Privil...
CVE-2025-31715
In vowifi service, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed...
CVE-2025-31715
In vowifi service, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed...
PT-2025-33626 · Google +2 · Android +2
Name of the Vulnerable Software and Affected Versions: vowifi affected versions not specified Description: A command injection issue exists in the vowifi service due to improper input validation. This could lead to remote escalation of privilege without requiring additional execution privileges...
CVE-2024-53026
Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call...
CVE-2024-53026
Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call...
CVE-2024-53026 Buffer Over-read in Data Network Stack & Connectivity
Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call...
CVE-2024-53026
CVE-2024-53026 describes an information-disclosure vulnerability triggered by receiving an invalid RTCP packet during a VoLTE/VoWiFi IMS call. Connected sources associate this with Qualcomm chipsets and note public advisories/patches refer to this issue; however, concrete technical details about ...
CVE-2024-53026 Buffer Over-read in Data Network Stack & Connectivity
Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call...
CVE-2023-38454
In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges...
CVE-2023-33911
In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges...
CVE-2025-20958
Improper verification of intent by broadcast receiver in UnifiedWFC prior to SMR May-2025 Release 1 allows local attackers to manipulate VoWiFi related behaviors...