Lucene search
K

177 matches found

Tenable Nessus
Tenable Nessus
added 2023/06/23 12:0 a.m.24 views

Debian DSA-5438-1 : asterisk - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5438 advisory. A flaw was found in Asterisk, an Open Source Private Branch Exchange. A buffer overflow vulnerability affects users that use PJSIP DNS resolver. This vulnerabilit...

7.5CVSS7.3AI score0.0233EPSS
Exploits1References8
Redos
Redos
added 2023/06/20 12:0 a.m.25 views

ROS-20230620-01

Ffmpeg multimedia library vulnerability is related to NULL pointer dereferencing error in function decodemainheader in libavformat/nutdec.c. Exploitation of the vulnerability could allow an attacker, remotely, trick a victim into opening a specially crafted file and performing a denial-of-service...

5.3CVSS5.9AI score0.00817EPSS
Exploits0
OSV
OSV
added 2023/06/16 2:15 a.m.0 views

UBUNTU-CVE-2023-3291

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2...

5.1CVSS7.1AI score0.00398EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2023/05/17 12:0 a.m.5 views

The vulnerability of the IMA_ADPCMDecode() function in the audio component of the SDL_wave.c multimedia library allows a hacker to induce a service failure.

The vulnerability of the IMAADPCMDecode function in the audio component of the SDLwave.c multimedia library is related to integer overflow. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created file...

7.1CVSS6.6AI score0.01805EPSS
Exploits1References7Affected Software4
Gitee
Gitee
added 2023/05/01 12:0 a.m.9 views

Exploit for Improper Encoding or Escaping of Output in F5 Nginx

This is a repository for Vulhub, a collection of vulnerable environments for testing and learning about web application security. The repository contains a variety of vulnerable environments, including web servers, databases, and applications, which can be used to test and demonstrate various typ...

9.8CVSS7AI score0.99686EPSS
Exploits53
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.30 views

Debian: Security Advisory (DLA-1611)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.08359EPSS
Exploits1References3
Redos
Redos
added 2023/01/17 12:0 a.m.27 views

ROS-20230117-01

Simple DirectMedia Layer SDL multimedia library vulnerability is related to a memory leak in the function GLESCreateTexture in the render/opengles/SDLrendergles.c file. Exploitation of the vulnerability could allow an attacker acting remotely to cause a memory leak and execute a denial of service...

7.5CVSS7.5AI score0.01265EPSS
Exploits0
Redos
Redos
added 2022/12/27 12:0 a.m.32 views

ROS-20221227-02

A vulnerability in the PJSIP multimedia library is related to a boundary error in the decoding of STUN messages. Exploitation of the vulnerability could allow an attacker acting remotely to transmit a specially crafted STUN message to an application, cause a heap buffer overflow, and execute...

9.8CVSS9.5AI score0.01026EPSS
Exploits0
CNNVD
CNNVD
added 2022/12/23 12:0 a.m.3 views

PJSIP 缓冲区错误漏洞

PJSIP is a free and open source multimedia communication library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. PJSIP suffers from a security vulnerability that stems from the possibility of overwriting buffers when it parses STUN messages...

9.8CVSS8.2AI score0.00945EPSS
Exploits0References9
Cvelist
Cvelist
added 2022/12/20 6:50 p.m.22 views

CVE-2022-23537 PJSIP vulnerable to heap buffer overflow when decoding STUN message

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...

6.5CVSS9.6AI score0.01026EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2022/12/20 6:50 p.m.23 views

CVE-2022-23537

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...

9.8CVSS8AI score0.01026EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2022/11/29 12:0 a.m.5 views

PT-2022-6787 · Google +1 · Google Chrome +1

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 108.0.5359.71 Description: The issue is related to an uninitialized use in FFmpeg within Google Chrome, allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This is due...

10CVSS7.4AI score0.23918EPSS
Exploits4References75
Redos
Redos
added 2022/11/03 12:0 a.m.35 views

ROS-20221103-02

PJSIP multimedia library vulnerability is related to a buffer overflow error in the PJSIP parser PJSIP parser, PJMEDIA RTP decoder and PJMEDIA SDP parser. Exploitation of the vulnerability could allow an attacker acting remotely to cause a flow failure and gain access to potentially sensitive...

9.8CVSS9.3AI score0.01084EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2022/10/31 12:0 a.m.100 views

PJSIP: Multiple Vulnerabilities

Background PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Description Multiple vulnerabilities have been discovered in PJSIP. Please review the CVE identifiers referenced belo...

9.8CVSS1.9AI score0.0462EPSS
Exploits2
OSV
OSV
added 2022/10/06 6:16 p.m.2 views

ALPINE-CVE-2022-39269

PJSIP is a free and open source multimedia communication library written in C. When processing certain packets, PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart, causing the media to be sent insecurely. The vulnerability impacts all PJSIP users tha...

9.1CVSS6.9AI score0.00534EPSS
Exploits0References1
Prion
Prion
added 2022/10/06 6:16 p.m.25 views

Buffer overflow

PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This issue has been...

7.5CVSS9.5AI score0.01084EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2022/10/06 6:16 p.m.2 views

UBUNTU-CVE-2022-39269

PJSIP is a free and open source multimedia communication library written in C. When processing certain packets, PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart, causing the media to be sent insecurely. The vulnerability impacts all PJSIP users tha...

9.1CVSS5.8AI score0.00534EPSS
Exploits0References4
OSV
OSV
added 2022/10/06 6:16 p.m.1 views

UBUNTU-CVE-2022-39244

PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This issue has been...

9.8CVSS7.5AI score0.01084EPSS
Exploits0References5
OSV
OSV
added 2022/10/06 12:0 a.m.43 views

CVE-2022-39244 Buffer overflow in pjlib scanner and pjmedia

PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This issue has been...

7.5CVSS9.4AI score0.01084EPSS
Exploits0References9
AlpineLinux
AlpineLinux
added 2022/10/06 12:0 a.m.46 views

CVE-2022-39269

PJSIP is a free and open source multimedia communication library written in C. When processing certain packets, PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart, causing the media to be sent insecurely. The vulnerability impacts all PJSIP users tha...

9.1CVSS9.3AI score0.00534EPSS
Exploits0
Rows per page
Query Builder