693 matches found
CVE-2026-28799 PJSIP: Heap use-after-free in PJSIP presence subscription termination handler
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap use-after-free vulnerability exists in PJSIP's event subscription framework evsub.c that is triggered during presence unsubscription SUBSCRIBE with Expires=0. This issue has been patched i...
CVE-2026-28799 PJSIP: Heap use-after-free in PJSIP presence subscription termination handler
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap use-after-free vulnerability exists in PJSIP's event subscription framework evsub.c that is triggered during presence unsubscription SUBSCRIBE with Expires=0. This issue has been patched i...
CVE-2026-28799 PJSIP: Heap use-after-free in PJSIP presence subscription termination handler
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap use-after-free vulnerability exists in PJSIP's event subscription framework evsub.c that is triggered during presence unsubscription SUBSCRIBE with Expires=0. This issue has been patched i...
CVE-2026-28799
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap use-after-free vulnerability exists in PJSIP's event subscription framework evsub.c that is triggered during presence unsubscription SUBSCRIBE with Expires=0. This issue has been patched i...
CVE-2026-29068
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload contain more frames than the caller-provided frames can hold. This issue has been patched in version 2.17...
CVE-2026-29068
PJSIP is affected by a stack buffer overflow in the pjmedia-codec RTP payload parser when a payload contains more frames than the caller-provided frames can hold. This impacts versions prior to 2.17. The vulnerability, with a CVSS 4.0 base score of 8.7 (Network attack vector, no user interaction,...
CVE-2026-29068 PJSIP: Stack buffer overflow in Opus codec parser
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload contain more frames than the caller-provided frames can hold. This issue has been patched in version 2.17...
CVE-2026-29068
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload contain more frames than the caller-provided frames can hold. This issue has been patched in version 2.17...
OSV-2026-338 Use-of-uninitialized-value in pjsip_auth_clt_init_req
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=488721002 Crash type: Use-of-uninitialized-value Crash state: pjsipauthcltinitreq fuzz-sip.c fuzz-sip.c...
📄 PJSIP PJMEDIA H.264 Denial of Service
A logic validation flaw was identified in the H.264 packetization routine within the PJMEDIA component of PJSIP. Specifically, insufficient validation of FU-A Fragmentation Unit – Type A state handling in pjmediah264packetize may allow malformed RTP payloads to trigger unsafe pointer arithmetic...
Linux Distros Unpatched Vulnerability : CVE-2026-26203
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library. Versions prior to 2.17 have a critical heap buffer underflow vulnerability in PJSIP's H.264...
CVE-2026-26967
PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and below, there is a critical Heap-based Buffer Overflow vulnerability in PJSIP's H.264 unpacketizer. The bug occurs when processing malformed SRTP packets, where the unpacketizer reads a 2-byte NAL...
ALPINE-CVE-2026-26967
PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and below, there is a critical Heap-based Buffer Overflow vulnerability in PJSIP's H.264 unpacketizer. The bug occurs when processing malformed SRTP packets, where the unpacketizer reads a 2-byte NAL...
CVE-2026-26967
PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and below, there is a critical Heap-based Buffer Overflow vulnerability in PJSIP's H.264 unpacketizer. The bug occurs when processing malformed SRTP packets, where the unpacketizer reads a 2-byte NAL...
CVE-2026-26967 PJSIP has a Heap-based Buffer Overflow vulnerability in its H.264 unpacketizer
PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and below, there is a critical Heap-based Buffer Overflow vulnerability in PJSIP's H.264 unpacketizer. The bug occurs when processing malformed SRTP packets, where the unpacketizer reads a 2-byte NAL...
CVE-2026-26967 PJSIP has a Heap-based Buffer Overflow vulnerability in its H.264 unpacketizer
PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and below, there is a critical Heap-based Buffer Overflow vulnerability in PJSIP's H.264 unpacketizer. The bug occurs when processing malformed SRTP packets, where the unpacketizer reads a 2-byte NAL...
CVE-2026-26967
PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and below, there is a critical Heap-based Buffer Overflow vulnerability in PJSIP's H.264 unpacketizer. The bug occurs when processing malformed SRTP packets, where the unpacketizer reads a 2-byte NAL...
CVE-2026-26967
PJSIP Vulnerability CVE-2026-26967: In 2.16 and earlier, the H.264 unpacketizer can overflow the heap when processing malformed SRTP packets, due to reading a 2-byte NAL unit size without validating bounds within the payload. Affected: PJSIP-based applications handling H.264 video streams. Impact...
CVE-2026-26967
PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and below, there is a critical Heap-based Buffer Overflow vulnerability in PJSIP's H.264 unpacketizer. The bug occurs when processing malformed SRTP packets, where the unpacketizer reads a 2-byte NAL...
CVE-2026-26967 PJSIP has a Heap-based Buffer Overflow vulnerability in its H.264 unpacketizer
PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and below, there is a critical Heap-based Buffer Overflow vulnerability in PJSIP's H.264 unpacketizer. The bug occurs when processing malformed SRTP packets, where the unpacketizer reads a 2-byte NAL...