44 matches found
EUVD-2013-3328
Malware in sbrugna...
EUVD-2013-1216
Malware in sbrugna...
EUVD-2008-4425
Malware in sbrugna...
EUVD-2007-3341
Malware in sbrugna...
EUVD-2022-26904
Malicious code in bioql PyPI...
CVE-2025-53399
In Sipwise rtpengine before 13.4.1.1, an origin-validation error in the endpoint-learning logic of the media-relay core allows remote attackers to inject or intercept RTP/SRTP media streams via RTP packets except when the relay is configured for strict source and learning disabled. Version 13.4.1...
CVE-2025-53399
In Sipwise rtpengine before 13.4.1.1, an origin-validation error in the endpoint-learning logic of the media-relay core allows remote attackers to inject or intercept RTP/SRTP media streams via RTP packets except when the relay is configured for strict source and learning disabled. Version 13.4.1...
UBUNTU-CVE-2025-49140
Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should...
CVE-2025-49140 Pion Interceptor's improper RTP padding handling allows remote crash for SFU users (DoS)
Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should...
CVE-2013-1176
The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before 4.32.30, TelePresence MCU MSE 8510 devices before 4.32.30, and TelePresence Server before 2.31.55 does not properly validate H.264 data, which allows remote attackers to cause a denial of service device reload via crafted RTP...
CVE-2013-3393
The Precision Video Engine component in Cisco Jabber for Windows and Cisco Virtualization Experience Media Engine allows remote attackers to cause a denial of service process crash and call disconnection via crafted RTP packets, aka Bug IDs CSCuh60706 and CSCue21117...
Cisco IP Phones Improper Input Validation (CVE-2008-4444)
Cisco Unified IP Phone aka SIP phone 7960G and 7940G with firmware P0S3-08-9-00 and possibly other versions before 8.10 allows remote attackers to cause a denial of service device reboot or possibly execute arbitrary code via a Realtime Transport Protocol RTP packet with malformed headers. This...
PT-2024-6607 · Wireshark +3 · Wireshark +3
Name of the Vulnerable Software and Affected Versions: Wireshark versions 4.2.0 through 4.0.5 Wireshark versions 4.0.0 through 4.0.15 Description: The issue is related to a crash in the SPRT dissector of Wireshark, which can be exploited to cause a denial of service. This can be achieved via pack...
Buffer Overflows
vlc is vulnerable to Buffer Overflows. A heap-based buffer overflow vulnerability allows an attacker to exploit a flaw in the way that VLC handles RTP packets to cause a buffer overflow. The attacker could then use the buffer overflow to execute arbitrary code on a vulnerable system, steal data, ...
PJSIP 缓冲区错误漏洞
PJSIP is a free and open source multimedia communications library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. A security vulnerability exists in PJSIP 2.11.1 and earlier versions, where there are multiple scenarios where certain incoming...
CVE-2019-17192
The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via...
Code injection
DISPUTED The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other...
CVE-2019-17192
The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via...
PT-2019-14995 · Signal +1 · Signal Private Messenger +1
Name of the Vulnerable Software and Affected Versions: Signal Private Messenger versions through 4.47.7 for Android Description: The issue is related to the WebRTC component in the Signal Private Messenger application, which processes videoconferencing RTP packets before a callee chooses to answe...
Digium Asterisk Denial of Service (CVE-2018-7285)
A denial of service vulnerability exists in Digium Asterisk. The vulnerability is due to improper handling of RTP packets. Successful exploitation of this vulnerability may result in a denial of service condition on the target service...