CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

693 matches found

OSV•added 2022/10/06 12:0 a.m.•42 views

CVE-2022-39244 Buffer overflow in pjlib scanner and pjmedia

PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This issue has been...

7.5CVSS9.4AI score0.01084EPSS

Exploits0References9

Positive Technologies•added 2022/10/06 12:0 a.m.•3 views

PT-2022-5347 · Pjsip +3 · Pjsip +3

Name of the Vulnerable Software and Affected Versions: PJSIP versions prior to 2.13 Description: The issue is related to a buffer overflow vulnerability in the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser. This vulnerability can be exploited by a remote attacker to execute arbitrary...

10CVSS8.3AI score0.0462EPSS

Exploits2References101

OSV•added 2022/08/30 7:15 a.m.•0 views

UBUNTU-CVE-2021-46837

respjsipt38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by Asterisk. This is a re-occurrenc...

6.5CVSS6.6AI score0.01752EPSS

Exploits0References3

CNVD•added 2022/06/28 12:0 a.m.•19 views

VitalPBX Access Control Error Vulnerability

VitalPBX is an Asterisk-based unified communications PBX system. It supports deployment on both virtual or physical machines, as well as in cloud server environments. An Access Control Error vulnerability exists in VitalPBX versions prior to 3.2.1, which stems from a lack of access control in the...

4.9CVSS5.1AI score0.00901EPSS

Exploits1References1

NVD•added 2022/06/24 4:15 p.m.•13 views

CVE-2022-29330

Missing access control in the backup system of Telesoft VitalPBX before 3.2.1 allows attackers to access the PJSIP and SIP extension credentials, cryptographic keys and voicemails files via unspecified vectors...

4.9CVSS0.00901EPSS

Exploits1References2

Prion•added 2022/06/24 4:15 p.m.•16 views

Improper access control

4CVSS5AI score0.00901EPSS

Exploits1References2Affected Software1

Cvelist•added 2022/06/24 3:20 p.m.•12 views

CVE-2022-29330

5.4AI score0.00901EPSS

Exploits1References2

CVE•added 2022/06/24 3:20 p.m.•64 views

CVE-2022-29330

The CVE-2022-29330 entry concerns VitalPBX (pre-3.2.1) with a missing access control in the backup system. The underlying flaw allows unauthorized access to sensitive data, including PJSIP and SIP extension credentials, cryptographic keys, and voicemail files, via unspecified vectors. Evidence ac...

4.9CVSS5AI score0.00901EPSS

Exploits1References2Affected Software1

NVD•added 2022/06/09 4:15 p.m.•13 views

CVE-2022-31031

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use STUN in their...

9.8CVSS0.01809EPSS

Exploits0References7

UbuntuCve•added 2022/06/09 4:15 p.m.•34 views

CVE-2022-31031

9.8CVSS7.2AI score0.01809EPSS

Exploits0References4

Prion•added 2022/06/09 4:15 p.m.•25 views

Stack overflow

6.8CVSS9.4AI score0.01809EPSS

Exploits0References6Affected Software2

OSV•added 2022/06/09 4:15 p.m.•0 views

UBUNTU-CVE-2022-31031

9.8CVSS7.5AI score0.01809EPSS

Exploits0References5

CNNVD•added 2022/06/09 12:0 a.m.•5 views

PJSIP 缓冲区错误漏洞

PJSIP is a free and open source multimedia communication library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. A security vulnerability exists in PJSIP version 2.12.1 and earlier, which can be exploited by an attacker to compromise PJSIP users...

9.8CVSS8.2AI score0.01809EPSS

Exploits0References12

Cvelist•added 2022/06/07 12:0 a.m.•27 views

CVE-2022-31031 Potential stack buffer overflow when parsing message as a STUN client

9.8CVSS9.8AI score0.01809EPSS

Exploits0References6

Vulnrichment•added 2022/06/07 12:0 a.m.•6 views

CVE-2022-31031 Potential stack buffer overflow when parsing message as a STUN client

9.8CVSS9.7AI score0.01809EPSS

Exploits0References6

Debian CVE•added 2022/06/07 12:0 a.m.•52 views

CVE-2022-31031

9.8CVSS8.6AI score0.01809EPSS

Exploits0

CVE•added 2022/06/07 12:0 a.m.•112 views

CVE-2022-31031

CVE-2022-31031 affects PJSIP (pjproject) up to version 2.12.1. Root cause: a stack-based buffer overflow when using STUN (via STUN server config or pjlib-util/stun_simple). A patch exists in commit 450baca and should be included in the next release; no workaround is documented. Upgrade to a relea...

9.8CVSS9.6AI score0.01809EPSS

Exploits0References7Affected Software1

AlpineLinux•added 2022/06/07 12:0 a.m.•22 views

CVE-2022-31031

9.8CVSS9.7AI score0.01809EPSS

Exploits0

OSV•added 2022/06/07 12:0 a.m.•28 views

CVE-2022-31031 Potential stack buffer overflow when parsing message as a STUN client

9.8CVSS9.5AI score0.01809EPSS

Exploits0References9

Positive Technologies•added 2022/06/07 12:0 a.m.•2 views

PT-2022-20474

Name of the Vulnerable Software and Affected Versions PJSIP versions prior to and including 2.12.1 Description PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. A stack buffer...

9.8CVSS7.2AI score0.0462EPSS

Exploits2References47

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by