CVE-2022-29330

Missing access control in the backup system of Telesoft VitalPBX before 3.2.1 allows attackers to access the PJSIP and SIP extension credentials, cryptographic keys and voicemails files via unspecified vectors...

Linux Distros Unpatched Vulnerability : CVE-2022-24786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI Reference...

Linux Distros Unpatched Vulnerability : CVE-2023-27585

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications...

Linux Distros Unpatched Vulnerability : CVE-2022-24792

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. A denial-of-service vulnerability affects applications on a 32-bit systems that u...

Linux Distros Unpatched Vulnerability : CVE-2023-38703

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C, and Python languages. SRTP is a higher lev...

PJSIP: Heap Buffer Overflow

Background PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Description Please review the CVE identifier referenced below for details. Impact Please review the CVE identifier...

GLSA-202409-05 : PJSIP: Heap Buffer Overflow

The remote host is affected by the vulnerability described in GLSA-202409-05 PJSIP: Heap Buffer Overflow Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the Gentoo Linux security advisory. Note that Nessus has not...

CVE-2024-42491

Asterisk is an open-source private branch exchange PBX. Prior to versions 18.24.3, 20.9.3, and 21.4.3 of Asterisk and versions 18.9-cert12 and 20.7-cert2 of certified-asterisk, if Asterisk attempts to send a SIP request to a URI whose host portion starts with .1 or .1, and resresolverunbound is...

CVE-2024-35190

Asterisk is an open source private branch exchange and telephony toolkit. After upgrade to 18.23.0, ALL unauthorized SIP requests are identified as PJSIP Endpoint of local asterisk server. This vulnerability is fixed in 18.23.1, 20.8.1, and 21.3.1...

CVE-2024-35190

Asterisk is an open source private branch exchange and telephony toolkit. After upgrade to 18.23.0, ALL unauthorized SIP requests are identified as PJSIP Endpoint of local asterisk server. This vulnerability is fixed in 18.23.1, 20.8.1, and 21.3.1...

CVE-2024-35190

Asterisk is an open source private branch exchange and telephony toolkit. After upgrade to 18.23.0, ALL unauthorized SIP requests are identified as PJSIP Endpoint of local asterisk server. This vulnerability is fixed in 18.23.1, 20.8.1, and 21.3.1...

The vulnerability of the PJSIP_HEADER() function in Asterisk IP telephony management systems and Certified Asterisk versions allows attackers to trigger a service failure.

The vulnerability of the PJSIPHEADER function in Asterisk IP telephony systems and Certified Asterisk is related to the operation of writing data beyond the buffer in memory when processing the update argument. Exploiting this vulnerability can allow a malicious actor to cause service failures...

Asterisk 安全漏洞

Asterisk is a software for PBX systems that runs on Linux and supports IP calls using SIP, IAX, and H323 protocols. Asterisk suffers from a buffer overflow vulnerability, which stems from the "update" function of the PJSIPHEADER dialplan function that may exceed the available buffer space for...

Ubuntu 23.10 : Ring vulnerabilities (USN-6422-2)

The remote Ubuntu 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6422-2 advisory. It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a...

Ubuntu 18.04 ESM / 20.04 LTS / 23.04 : Ring vulnerabilities (USN-6422-1)

The remote Ubuntu 18.04 ESM / 20.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6422-1 advisory. It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a speciall...

CVE-2023-38703

PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not...

DEBIAN-CVE-2023-38703

PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not...

ALPINE-CVE-2023-38703

PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not...

Design/Logic Flaw

PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not...

CVE-2023-38703

PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not...