VYPR
Vendor

Ofono

Products
1
CVEs
16
Across products
16
Status
Private

Products

1

Recent CVEs

16
  • CVE-2023-4235HigApr 17, 2024
    risk 0.53cvss 8.1epss 0.01

    A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just…

  • CVE-2023-4234HigApr 17, 2024
    risk 0.53cvss 8.1epss 0.01

    A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_submit_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just…

  • CVE-2023-4233HigApr 17, 2024
    risk 0.53cvss 8.1epss 0.01

    A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or…

  • CVE-2023-4232HigApr 17, 2024
    risk 0.53cvss 8.1epss 0.01

    A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just…

  • CVE-2023-2794HigApr 10, 2024
    risk 0.53cvss 8.1epss 0.01

    A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS.…

  • CVE-2024-7547HigAug 6, 2024
    risk 0.51cvss 7.8epss 0.00

    oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to…

  • CVE-2024-7546HigAug 6, 2024
    risk 0.51cvss 7.8epss 0.00

    oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to…

  • CVE-2024-7545HigAug 6, 2024
    risk 0.51cvss 7.8epss 0.00

    oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to…

  • CVE-2024-7544HigAug 6, 2024
    risk 0.51cvss 7.8epss 0.00

    oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to…

  • CVE-2024-7543HigAug 6, 2024
    risk 0.51cvss 7.8epss 0.00

    oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to…

  • CVE-2024-7539HigAug 6, 2024
    risk 0.51cvss 7.8epss 0.00

    oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this…

  • CVE-2024-7538HigAug 6, 2024
    risk 0.51cvss 7.8epss 0.00

    oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to…

  • CVE-2024-7537MedAug 6, 2024
    risk 0.36cvss 5.5epss 0.00

    oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. Authentication is not required to exploit this vulnerability. The specific flaw exists…

  • CVE-2024-7542LowAug 6, 2024
    risk 0.21cvss 3.3epss 0.00

    oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in…

  • CVE-2024-7541LowAug 6, 2024
    risk 0.21cvss 3.3epss 0.00

    oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in…

  • CVE-2024-7540LowAug 6, 2024
    risk 0.21cvss 3.3epss 0.00

    oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in…