177 matches found
Debian DSA-5438-1 : asterisk - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5438 advisory. A flaw was found in Asterisk, an Open Source Private Branch Exchange. A buffer overflow vulnerability affects users that use PJSIP DNS resolver. This vulnerabilit...
ROS-20230620-01
Ffmpeg multimedia library vulnerability is related to NULL pointer dereferencing error in function decodemainheader in libavformat/nutdec.c. Exploitation of the vulnerability could allow an attacker, remotely, trick a victim into opening a specially crafted file and performing a denial-of-service...
UBUNTU-CVE-2023-3291
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2...
The vulnerability of the IMA_ADPCMDecode() function in the audio component of the SDL_wave.c multimedia library allows a hacker to induce a service failure.
The vulnerability of the IMAADPCMDecode function in the audio component of the SDLwave.c multimedia library is related to integer overflow. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created file...
Exploit for Improper Encoding or Escaping of Output in F5 Nginx
This is a repository for Vulhub, a collection of vulnerable environments for testing and learning about web application security. The repository contains a variety of vulnerable environments, including web servers, databases, and applications, which can be used to test and demonstrate various typ...
Debian: Security Advisory (DLA-1611)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ROS-20230117-01
Simple DirectMedia Layer SDL multimedia library vulnerability is related to a memory leak in the function GLESCreateTexture in the render/opengles/SDLrendergles.c file. Exploitation of the vulnerability could allow an attacker acting remotely to cause a memory leak and execute a denial of service...
ROS-20221227-02
A vulnerability in the PJSIP multimedia library is related to a boundary error in the decoding of STUN messages. Exploitation of the vulnerability could allow an attacker acting remotely to transmit a specially crafted STUN message to an application, cause a heap buffer overflow, and execute...
PJSIP 缓冲区错误漏洞
PJSIP is a free and open source multimedia communication library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. PJSIP suffers from a security vulnerability that stems from the possibility of overwriting buffers when it parses STUN messages...
CVE-2022-23537 PJSIP vulnerable to heap buffer overflow when decoding STUN message
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...
CVE-2022-23537
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...
PT-2022-6787 · Google +1 · Google Chrome +1
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 108.0.5359.71 Description: The issue is related to an uninitialized use in FFmpeg within Google Chrome, allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This is due...
ROS-20221103-02
PJSIP multimedia library vulnerability is related to a buffer overflow error in the PJSIP parser PJSIP parser, PJMEDIA RTP decoder and PJMEDIA SDP parser. Exploitation of the vulnerability could allow an attacker acting remotely to cause a flow failure and gain access to potentially sensitive...
PJSIP: Multiple Vulnerabilities
Background PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Description Multiple vulnerabilities have been discovered in PJSIP. Please review the CVE identifiers referenced belo...
ALPINE-CVE-2022-39269
PJSIP is a free and open source multimedia communication library written in C. When processing certain packets, PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart, causing the media to be sent insecurely. The vulnerability impacts all PJSIP users tha...
Buffer overflow
PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This issue has been...
UBUNTU-CVE-2022-39269
PJSIP is a free and open source multimedia communication library written in C. When processing certain packets, PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart, causing the media to be sent insecurely. The vulnerability impacts all PJSIP users tha...
UBUNTU-CVE-2022-39244
PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This issue has been...
CVE-2022-39244 Buffer overflow in pjlib scanner and pjmedia
PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This issue has been...
CVE-2022-39269
PJSIP is a free and open source multimedia communication library written in C. When processing certain packets, PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart, causing the media to be sent insecurely. The vulnerability impacts all PJSIP users tha...