292 matches found
EUVD-2022-52708
Malicious code in bioql PyPI...
EUVD-2022-52709
Malicious code in bioql PyPI...
EUVD-2022-52710
Malicious code in bioql PyPI...
EUVD-2023-44637
Malicious code in bioql PyPI...
EUVD-2021-28268
Malicious code in bioql PyPI...
EUVD-2023-56161
Malicious code in bioql PyPI...
EUVD-2021-28267
Malicious code in bioql PyPI...
EUVD-2021-28260
Malicious code in bioql PyPI...
EUVD-2021-28242
Malicious code in bioql PyPI...
EUVD-2023-44638
Malicious code in bioql PyPI...
CVE-2023-40018
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.10, FreeSWITCH allows remote users to trigger out of bounds write by offering an ICE candida...
CVE-2023-51443
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.11, when handling DTLS-SRTP for media setup, FreeSWITCH is susceptible to Denial of Service...
CVE-2021-41157
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. By default, SIP requests of the type SUBSCRIBE are not authenticated in the affected versions of FreeSWITCH. Abuse...
CVE-2021-41145
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. FreeSWITCH prior to version 1.10.7 is susceptible to Denial of Service via SIP flooding. When flooding FreeSWITCH...
CVE-2021-41105
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. When handling SRTP calls, FreeSWITCH prior to version 1.10.7 is susceptible to a DoS where calls can be terminated...
CVE-2021-41158
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.7, an attacker can perform a SIP digest leak attack against FreeSWITCH and receive the...
CVE-2021-36513
An issue was discovered in function sofiahandlesipinotify in sofia.c in SignalWire freeswitch before 1.10.6, may allow attackers to view sensitive information due to an uninitialized value...
CVE-2020-27613
The installation procedure in BigBlueButton before 2.2.28 or earlier uses ClueCon as the FreeSWITCH password, which allows local users to achieve unintended FreeSWITCH access...
CVE-2018-19911
FreeSWITCH through 1.8.2, when modxmlrpc is enabled, allows remote attackers to execute arbitrary commands via the api/system or txtapi/system or api/bgsystem or txtapi/bgsystem query string on TCP port 8080, as demonstrated by an api/system?calc URI. This can also be exploited via CSRF...
CVE-2019-19492
FreeSWITCH 1.6.10 through 1.10.1 has a default password in eventsocket.conf.xml...