CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

693 matches found

OSV•added 2026/03/20 3:54 a.m.•2 views

CVE-2026-32945 PJSIP is vulnerable to Heap-based Buffer Overflow through DNS parser

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...

8.4CVSS5.9AI score0.00308EPSS

Exploits1References4

CVE•added 2026/03/20 3:43 a.m.•11 views

CVE-2026-32942

PJSIP (C library) contains a heap use-after-free in the ICE session for versions 2.16 and earlier, caused by race conditions between session destruction and callbacks. This may lead to crashes; upgrading to version 2.17 fixes the issue. References confirm affected versions and fix.

9.3CVSS5.7AI score0.00319EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/03/20 3:43 a.m.•1 views

CVE-2026-32942 PJSIP has ICE session use-after-free race conditions

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between session destruction and the callbacks. This issue has been fixed in version 2.17...

9.3CVSS5.7AI score0.00319EPSS

Exploits0References3

ATTACKERKB•added 2026/03/20 3:43 a.m.•1 views

CVE-2026-32942

9.3CVSS5.7AI score0.00319EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/03/20 3:43 a.m.•22 views

CVE-2026-32942 PJSIP has ICE session use-after-free race conditions

9.3CVSS0.00319EPSS

Exploits0References3

OSV•added 2026/03/20 3:43 a.m.•2 views

CVE-2026-32942 PJSIP has ICE session use-after-free race conditions

9.3CVSS5.8AI score0.00319EPSS

Exploits0References5

Debian CVE•added 2026/03/20 3:43 a.m.•2 views

CVE-2026-32942

9.3CVSS5.3AI score0.00319EPSS

Exploits0

AlpineLinux•added 2026/03/20 3:43 a.m.•1 views

CVE-2026-32942

9.3CVSS5.3AI score0.00319EPSS

Exploits0

Positive Technologies•added 2026/03/20 12:0 a.m.•4 views

PT-2026-26552

Name of the Vulnerable Software and Affected Versions PJSIP versions 2.16 and below Description PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a Heap-based Buffer Overflow in the DNS parser's name length handler. This impacts...

9.8CVSS5.8AI score0.00308EPSS

Exploits1References8

CNNVD•added 2026/03/20 12:0 a.m.•4 views

PJSIP 安全漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. PJSIP versions 2.16 and earlier contained a security vulnerability caused by a stack buffer overflow in the D...

9.8CVSS6.2AI score0.00308EPSS

Exploits1References2

Positive Technologies•added 2026/03/20 12:0 a.m.•1 views

PT-2026-26586

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a cascading out-of-bounds heap read in pjsip multipart parse. After boundary string matching, curptr is advanced past the delimiter without verifying it has not reached the buffer end. This...

6.9CVSS6AI score0.0026EPSS

Exploits0References7

Tenable Nessus•added 2026/03/10 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-29068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when...

8.7CVSS5.6AI score0.00314EPSS

Exploits0References2

Tenable Nessus•added 2026/03/10 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-28799

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap use-after-free vulnerability exists in PJSIP's even...

8.7CVSS5.3AI score0.00285EPSS

Exploits0References2

NVD•added 2026/03/06 7:16 a.m.•4 views

CVE-2026-29068

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload contain more frames than the caller-provided frames can hold. This issue has been patched in version 2.17...

8.7CVSS0.00314EPSS

Exploits0References2

OSV•added 2026/03/06 7:16 a.m.•5 views

DEBIAN-CVE-2026-28799

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap use-after-free vulnerability exists in PJSIP's event subscription framework evsub.c that is triggered during presence unsubscription SUBSCRIBE with Expires=0. This issue has been patched i...

7.5CVSS5.3AI score0.00285EPSS

Exploits0References1

UbuntuCve•added 2026/03/06 7:16 a.m.•3 views

CVE-2026-28799

8.7CVSS5.9AI score0.00285EPSS

Exploits0References3

UbuntuCve•added 2026/03/06 7:16 a.m.•3 views

CVE-2026-29068

8.7CVSS5.9AI score0.00314EPSS

Exploits0References3

NVD•added 2026/03/06 7:16 a.m.•8 views

CVE-2026-28799

8.7CVSS0.00285EPSS

Exploits0References2

OSV•added 2026/03/06 7:16 a.m.•5 views

UBUNTU-CVE-2026-29068

8.7CVSS6AI score0.00314EPSS

Exploits0References4

CVE•added 2026/03/06 6:36 a.m.•23 views

CVE-2026-28799

CVE-2026-28799 affects the PJSIP multimedia library (up to version 2.16). A heap use-after-free flaw exists in PJSIP’s event subscription framework (evsub.c) and is triggered during presence unsubscription with SubSCRIBE and Expires=0. The issue can impact availability (high impact) with negligib...

8.7CVSS5.8AI score0.00285EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by