Lucene search
K

142 matches found

RedhatCVE
RedhatCVE
added 2026/04/21 7:28 p.m.5 views

CVE-2026-40614

A flaw was found in PJSIP, a multimedia communication library. A remote attacker could exploit a buffer overflow vulnerability when decoding Opus audio frames due to insufficient buffer size validation. This flaw allows for a heap buffer overflow, which may lead to arbitrary code execution or...

8.8CVSS6.6AI score0.00224EPSS
Exploits0References2
OSV
OSV
added 2026/04/21 7:16 p.m.6 views

ALPINE-CVE-2026-40614

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...

8.8CVSS5.9AI score0.00224EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/21 6:4 p.m.6 views

EUVD-2026-24229

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...

8.5CVSS6.2AI score0.00224EPSS
Exploits0References2
CVE
CVE
added 2026/04/21 6:4 p.m.21 views

CVE-2026-40614

Summary of CVE-2026-40614 (PJSIP): PJSIP (2.16 and earlier) has a heap buffer overflow in Opus decoding due to insufficient bounds checking in the codec_decode path. The FEC decode buffers (dec_frame[].buf) are allocated using a PCM-derived size, which at 8 kHz mono yields 960 bytes, but codec_pa...

8.8CVSS6.2AI score0.00224EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/21 6:4 p.m.6 views

CVE-2026-40614 PJSIP: Heap buffer overflow in Opus codec decoding

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...

8.5CVSS6.2AI score0.00224EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.10 views

PJSIP 安全漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. PJSIP versions 2.16 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the...

9.8CVSS5.9AI score0.00419EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/02 4:57 p.m.5 views

CVE-2026-34235

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap out-of-bounds read vulnerability exists in PJSIP's VP9 RTP unpacketizer that occurs when parsing crafted VP9 Scalability Structure SS data. Insufficient bounds checking on the payload...

9.1CVSS5.8AI score0.00405EPSS
Exploits0References1
NVD
NVD
added 2026/03/31 4:16 p.m.2 views

CVE-2026-34235

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap out-of-bounds read vulnerability exists in PJSIP's VP9 RTP unpacketizer that occurs when parsing crafted VP9 Scalability Structure SS data. Insufficient bounds checking on the payload...

9.1CVSS0.00405EPSS
Exploits0References2
OSV
OSV
added 2026/03/31 4:16 p.m.8 views

ALPINE-CVE-2026-34235

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap out-of-bounds read vulnerability exists in PJSIP's VP9 RTP unpacketizer that occurs when parsing crafted VP9 Scalability Structure SS data. Insufficient bounds checking on the payload...

9.1CVSS5.3AI score0.00405EPSS
Exploits0References1
OSV
OSV
added 2026/03/31 4:16 p.m.6 views

DEBIAN-CVE-2026-34235

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap out-of-bounds read vulnerability exists in PJSIP's VP9 RTP unpacketizer that occurs when parsing crafted VP9 Scalability Structure SS data. Insufficient bounds checking on the payload...

9.1CVSS5.3AI score0.00405EPSS
Exploits0References1
OSV
OSV
added 2026/03/31 4:16 p.m.3 views

UBUNTU-CVE-2026-34235

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap out-of-bounds read vulnerability exists in PJSIP's VP9 RTP unpacketizer that occurs when parsing crafted VP9 Scalability Structure SS data. Insufficient bounds checking on the payload...

9.1CVSS5.8AI score0.00405EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/03/31 4:16 p.m.4 views

CVE-2026-34235

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap out-of-bounds read vulnerability exists in PJSIP's VP9 RTP unpacketizer that occurs when parsing crafted VP9 Scalability Structure SS data. Insufficient bounds checking on the payload...

9.1CVSS5.8AI score0.00405EPSS
Exploits0References3
CVE
CVE
added 2026/03/31 3:36 p.m.17 views

CVE-2026-34235

CVE-2026-34235 affects the PJSIP library (C) prior to version 2.17, where the VP9 RTP unpacketizer has a heap out-of-bounds read when parsing crafted VP9 SS data. The vulnerability stems from insufficient bounds checking on the payload descriptor length, causing reads beyond the RTP payload buffe...

9.1CVSS5.8AI score0.00405EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/31 3:36 p.m.1 views

CVE-2026-34235

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap out-of-bounds read vulnerability exists in PJSIP's VP9 RTP unpacketizer that occurs when parsing crafted VP9 Scalability Structure SS data. Insufficient bounds checking on the payload...

6.9CVSS5.8AI score0.00405EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.5 views

PT-2026-29286

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap out-of-bounds read vulnerability exists in PJSIP's VP9 RTP unpacketizer that occurs when parsing crafted VP9 Scalability Structure SS data. Insufficient bounds checking on the payload...

9.1CVSS5.8AI score0.00405EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-32945

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS...

9.8CVSS5.5AI score0.00308EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/28 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-32942

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE...

9.3CVSS5.3AI score0.00319EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/24 9:31 a.m.5 views

CVE-2026-32945

A flaw was found in PJSIP, a multimedia communication library. This heap-based buffer overflow vulnerability exists in the DNS parser's name length handler. A remote attacker could exploit this by sending a specially crafted DNS response, potentially leading to information disclosure, denial of...

9.8CVSS6.7AI score0.00308EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/03/24 9:31 a.m.4 views

CVE-2026-32942

A flaw was found in PJSIP, a multimedia communication library. A remote attacker could exploit a heap use-after-free vulnerability in the Interactive Connectivity Establishment ICE session. This occurs due to race conditions between session destruction and callbacks, potentially allowing for...

9.3CVSS6.5AI score0.00319EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/20 7:9 p.m.3 views

CVE-2026-33069

A flaw was found in PJSIP, a multimedia communication library. A remote attacker could exploit a vulnerability in the pjsipmultipartparse function when processing incoming Session Initiation Protocol SIP messages. This flaw, an out-of-bounds heap read, allows for the disclosure of a small amount ...

7.5CVSS5.6AI score0.0026EPSS
Exploits0References2
Rows per page
Query Builder