Poster - CVE CyberSecurity Database News (Page 306)

Jan 21, 2025 Bluetooth Exploit

CVE-2024-43096 - Bluetooth Vulnerability in build_read_multi_rsp (gatt_sr.cc) Allows Remote Code Execution

In June 2024, a critical Bluetooth vulnerability was identified under CVE-2024-43096. It affects the build_read_multi_rsp function in gatt_sr.cc, component of

Jan 21, 2025

CVE-2024-24421 - Exploiting Magma’s nas_message_decode Type Confusion (<= v1.8.) for Code Execution and DoS

CVE-2024-24421 is a type confusion vulnerability found in the nas_message_decode function of the Magma mobile network core, affecting versions up to 1.8.

Jan 21, 2025 Java Google

CVE-2023-40132 - How RingtoneManager’s Missing Check Lets Android Apps Escalate Privileges

Android security relies heavily on content providers—a system that protects apps’ private data behind permissions. Normally, apps can only mess with things like your

Jan 21, 2025

CVE-2024-24445 - How a Null Dereference in OpenAirInterface oai-cn5g-amf Can Kill Your Core

OpenAirInterface’s 5G Core (CN5G), a popular open-source telecom solution, is supposed to handle tricky network traffic securely. But sometimes a simple coding mistake can

Jan 21, 2025 API Exploit SQL PHP

CVE-2023-27112 - SQL Injection in pearProjectApi v2.8.10 (project.php `projectCode` Parameter) Explored

In early 2023, a serious vulnerability was discovered in the popular open-source tool pearProjectApi, version 2.8.10. This post dives into CVE-2023-27112, an SQL