38 matches found
EUVD-2026-41452
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS SIP Proxy module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-6947. This issue affects Fireware OS 12.0 up to and...
CVE-2026-13377
WatchGuard Fireware OS SIP Proxy module is affected by a Stored XSS via improper input neutralization during web page generation. The vulnerability affects Fireware OS versions 12.0–12.12, 12.5–12.5.18, and 2025.1–2026.2. Root cause: improper sanitization in the SIP Proxy configuration web interf...
EUVD-2008-1741
Malware in sbrugna...
EUVD-2025-29269
Malicious code in bioql PyPI...
CVE-2025-6947
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS allows Stored XSS via the SIP Proxy module. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects Firebox...
CVE-2025-6947 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in SIP Proxy Configuration
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS allows Stored XSS via the SIP Proxy module. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects Firebox...
PT-2025-37770
Name of the Vulnerable Software and Affected Versions: WatchGuard Fireware OS versions 12.0 through 12.11.2 Description: A Stored Cross-site Scripting XSS issue exists within the SIP Proxy module of WatchGuard Fireware OS. Exploitation requires an authenticated administrator session to a locally...
SIP Deregister Extension
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SIP Deregister Extension', 'Description' = %q This module will attempt to deregister a SIP user from the provider. It has been tested successfull...
USN-4240-1: Kamailio vulnerability
It was discovered that Kamailio incorrectly handled a specially crafted file. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...
CVE-2016-9938
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14.x before 14.2.1 and Certified Asterisk 11.x before 11.6-cert16 and 13.x before 13.8-cert4. The chansip channel driver has a liberal definition for whitespace when attempting to strip the content betwe...
Debian DSA-3535-1 : kamailio - security update
Stelios Tsampas discovered a buffer overflow in the Kamailio SIP proxy which might result in the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3535. The text...
[SECURITY] [DSA 3535-1] kamailio security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3535-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 29, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3535-1 (kamailio - security update)
Stelios Tsampas discovered a buffer overflow in the Kamailio SIP proxy which might result in the execution of arbitrary code. OpenVAS Vulnerability Test $Id: deb3535.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3535-1 using nvtgen 1.0 Script version: 1.0 Author:...
DSA-3535-1 kamailio - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3535-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
The REST interface in Cisco Unified Communications Manager IM and Presence Service 11.51 allows remote attackers to cause a denial of service SIP proxy service restart via a crafted HTTP request, aka Bug ID CSCuw31632...
CVE-2015-6310
The REST interface in Cisco Unified Communications Manager IM and Presence Service 11.51 allows remote attackers to cause a denial of service SIP proxy service restart via a crafted HTTP request, aka Bug ID CSCuw31632...
Cisco Unified Communications Manager IM and Presence Service REST API Denial of Service Vulnerability
A vulnerability in the Representational State Transfer REST interface of the Cisco Unified Communications Manager IM and Presence Service could allow an unauthenticated, remote attacker to cause a partial denial of service DoS condition because the Cisco Session Initiation Protocol SIP proxy...
reSIProcate 1.3.2 - Remote Denial of Service PoC
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote DoS in reSIProcate MU-200807-01 July 10, 2008 http://labs.mudynamics.com/advisories.html Affected Products/Versions: repro SIP proxy/registrar 1.3.2 http://www.resiprocate.org/ReSIProcate1.3.2Release Any produ...
IBM WebSphere Application Server Multiple Vulnerabilities (Mar 2011)
IBM WebSphere Application Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...