CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

693 matches found

OSV•added 2023/10/06 2:15 p.m.•2 views

UBUNTU-CVE-2023-38703

PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not...

9.8CVSS5.8AI score0.0128EPSS

Exploits0References4

Vulnrichment•added 2023/10/06 1:46 p.m.•15 views

CVE-2023-38703 PJSIP has use-after-free vulnerability in SRTP media transport

9.8CVSS9.4AI score0.0128EPSS

Exploits0References3

Cvelist•added 2023/10/06 1:46 p.m.•26 views

CVE-2023-38703 PJSIP has use-after-free vulnerability in SRTP media transport

9.8CVSS9.6AI score0.0128EPSS

Exploits0References3

CVE•added 2023/10/06 1:46 p.m.•139 views

CVE-2023-38703

CVE-2023-38703 affects the PJSIP library when SRTP is enabled and the underlying transport is not UDP. The issue is a use-after-free in the higher-level SRTP path that is not synchronized with the lower transport, potentially causing memory corruption or application termination. The description n...

9.8CVSS9.4AI score0.0128EPSS

Exploits0References3Affected Software1

Debian CVE•added 2023/10/06 1:46 p.m.•18 views

CVE-2023-38703

9.8CVSS8.5AI score0.0128EPSS

Exploits0

AlpineLinux•added 2023/10/06 1:46 p.m.•17 views

CVE-2023-38703

9.8CVSS9.5AI score0.0128EPSS

Exploits0

OSV•added 2023/10/06 1:46 p.m.•30 views

CVE-2023-38703 PJSIP has use-after-free vulnerability in SRTP media transport

9.8CVSS9.2AI score0.0128EPSS

Exploits0References5

Positive Technologies•added 2023/10/06 12:0 a.m.•5 views

PT-2023-26568 · Pjsip +2 · Pjsip +2

Name of the Vulnerable Software and Affected Versions: PJSIP affected versions not specified Description: The issue affects applications that have SRTP capability PJMEDIA HAS SRTP is set and use underlying media transport other than UDP. A higher level transport is not synchronized with its lower...

9.8CVSS8.6AI score0.45293EPSS

Exploits7References77

Tenable Nessus•added 2023/08/30 12:0 a.m.•31 views

Debian dla-3549 : jami - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3549 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3549-1 [email protected]...

9.8CVSS8.6AI score0.0462EPSS

Exploits2References42

Positive Technologies•added 2023/07/06 12:0 a.m.•4 views

PT-2023-7750 · Sangoma +2 · Asterisk +3

Name of the Vulnerable Software and Affected Versions: Asterisk versions 18.20.0 and prior Asterisk versions 20.5.0 and prior Asterisk version 21.0.0 certified-asterisk versions 18.9-cert5 and prior Description: The issue is related to the PJSIP HEADER dialplan function in Asterisk, where the...

9.8CVSS6.2AI score0.45293EPSS

Exploits13References62

Tenable Nessus•added 2023/06/23 12:0 a.m.•23 views

Debian DSA-5438-1 : asterisk - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5438 advisory. A flaw was found in Asterisk, an Open Source Private Branch Exchange. A buffer overflow vulnerability affects users that use PJSIP DNS resolver. This vulnerabilit...

7.5CVSS7.3AI score0.0233EPSS

Exploits1References8

Tenable Nessus•added 2023/04/25 12:0 a.m.•31 views

Debian dla-3394 : asterisk - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3394 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3394-1 [email protected]...

7.5CVSS7.3AI score0.0233EPSS

Exploits1References6

OpenVAS•added 2023/04/24 12:0 a.m.•17 views

Debian: Security Advisory (DLA-3394-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.7AI score0.0233EPSS

Exploits1References4

Debian•added 2023/04/18 10:22 p.m.•22 views

[SECURITY] [DLA 3394-1] asterisk security update

Debian LTS Advisory DLA-3394-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany April 19, 2023 https://wiki.debian.org/LTS Package : asterisk Version : 1:16.28.0dfsg-0+deb10u3 CVE ID : CVE-2023-27585 A flaw was found in Asterisk, an Open Source Private Branch...

7.5CVSS7AI score0.0233EPSS

Exploits1

NVD•added 2023/03/14 5:15 p.m.•20 views

CVE-2023-27585

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to...

7.5CVSS7.6AI score0.0233EPSS

Exploits1References8

UbuntuCve•added 2023/03/14 5:15 p.m.•38 views

CVE-2023-27585

7.5CVSS7.3AI score0.0233EPSS

Exploits1References7

Prion•added 2023/03/14 5:15 p.m.•22 views

Buffer overflow

5CVSS7.5AI score0.0233EPSS

Exploits1References7Affected Software1

Vulnrichment•added 2023/03/14 12:0 a.m.•6 views

CVE-2023-27585

7.5CVSS7.6AI score0.0233EPSS

Exploits1References7

CNNVD•added 2023/03/14 12:0 a.m.•3 views

PJSIP 安全漏洞

PJSIP is a free and open source multimedia communication library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. A security vulnerability exists in PJSIP 2.13 and earlier versions, which stems from the presence of a buffer overflow vulnerability...

7.5CVSS7.5AI score0.0233EPSS

Exploits1References13

Cvelist•added 2023/03/14 12:0 a.m.•24 views

CVE-2023-27585

7.5CVSS8.2AI score0.0233EPSS

Exploits1References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by