18 matches found
EUVD-2021-22602
Malware in sbrugna...
EUVD-2021-29523
Malicious code in bioql PyPI...
CVE-2021-42555
Pexip Infinity before 26.2 allows temporary remote Denial of Service abort because of missing call-setup input validation...
CVE-2021-35969
Pexip Infinity before 26 allows temporary remote Denial of Service abort because of missing call-setup input validation...
FreeSWITCH 1.10.10 Denial Of Service Vulnerability
When handling DTLS-SRTP for media setup, FreeSWITCH version 1.10.10 is susceptible to denial of service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack. FreeSWITCH...
Race condition
matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...
CVE-2023-29529
matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...
CVE-2023-29529 matrix-js-sdk vulnerable to invisible eavesdropping in group calls
matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...
matrix-js-sdk vulnerable to invisible eavesdropping in group calls
Impact An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker will not appear to be participating in the call. This attack is possibl...
CVE-2021-35969
Pexip Infinity before 26 allows temporary remote Denial of Service abort because of missing call-setup input validation...
CVE-2021-42555
Pexip Infinity before 26.2 allows temporary remote Denial of Service abort because of missing call-setup input validation...
CVE-2020-25868
Pexip Infinity 22.x through 24.x before 24.2 has Improper Input Validation for call setup. An unauthenticated remote attacker can trigger a software abort temporary loss of service...
CVE-2020-25868
CVE-2020-25868 affects Pexip Infinity 22.x through 24.x before 24.2, with an improper input validation flaw in call setup. An unauthenticated remote attacker can trigger a software abort, causing temporary service disruption. Public references in the provided documents confirm the impact and affe...
Cisco Unified Communications Manager Mobile and Remote Access Security Bypass Vulnerability
Cisco Unified Communications Manager CUCM, Unified CM is a call-processing component of a unified communications system from the American company Cisco. A security vulnerability exists in CUCM's Mobile and Remote Access MRA service implementation. A remote attacker could exploit this vulnerabilit...
CVE-2015-6410
The Mobile and Remote Access MRA services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote attackers to bypass intended call-reception and call-setup restrictions by spoofing a user, aka Bug ID CSCuu97283...
CVE-2015-6410
The Mobile and Remote Access MRA services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote attackers to bypass intended call-reception and call-setup restrictions by spoofing a user, aka Bug ID CSCuu97283...
CVE-2015-6410
Cisco Unified Communications Manager’s Mobile and Remote Access (MRA) services contain an identity-validation flaw that allows remote attackers to spoof a user and bypass call-reception/ call-setup restrictions. Root cause: edge-device identity validation mishandling (Bug CSCuu97283). Affected pr...
bintec.boss.txt
Date: Wed, 10 Feb 1999 22:10:57 +0100 From: Pascal Gienger To: [email protected] Subject: Security Bug in Bintec Router Firmware CLID Vulnerability in Bintec Firmware BOSS V4.9 Release 1 and earlier Abstract: Non-interpretation of "international" or "national" incoming call setup leads to a...