23 matches found

Vulnrichment
added 2026/06/09 4:00 p.m. · 10 views

CVE-2026-49475 FreeSWITCH: Out-of-bounds memory access in core STUN attribute parsing

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser...

CVSS 7.5 · AI score 5.4 · EPSS 0.00278
Exploits: 0 · References: 2

Cvelist
added 2026/06/09 4:00 p.m. · 35 views

CVE-2026-49475 FreeSWITCH: Out-of-bounds memory access in core STUN attribute parsing

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser...

CVSS 7.5 · EPSS 0.00278
Exploits: 0 · References: 2

NVD
added 2026/04/21 7:16 p.m. · 8 views

CVE-2026-40613

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.10.0, the STUN/TURN attribute parsing functions in coturn perform unsafe pointer casts from uint8_t to uint16_t without alignment checks. When processing a crafted STUN message with odd-aligned attribute boundaries, thi...

CVSS 7.5 · EPSS 0.01123
Exploits: 1 · References: 1

EUVD
added 2025/10/03 8:07 p.m. · 6 views

EUVD-2023-26991

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 7.5 · EPSS 0.01122
Exploits: 0 · References: 1

Tenable Nessus
added 2025/08/20 12:00 a.m. · 6 views

Linux Distros Unpatched Vulnerability : CVE-2022-23537

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN,...

CVSS 9.8 · AI score 7.3 · EPSS 0.01026
Exploits: 0 · References: 2

Tenable Nessus
added 2025/08/20 12:00 a.m. · 6 views

Linux Distros Unpatched Vulnerability : CVE-2022-23547

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN,...

CVSS 9.8 · AI score 8.3 · EPSS 0.00945
Exploits: 0 · References: 2

Tenable Nessus
added 2023/11/03 12:00 a.m. · 24 views

Zoom Client for Meetings < 5.13.5 Vulnerability (ZSB-23002)

The version of Zoom Client for Meetings installed on the remote host is prior to 5.13.5. It is, therefore, affected by a vulnerability as referenced in the ZSB-23002 advisory. - Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted...

CVSS 7.5 · AI score 7.4 · EPSS 0.01122
Exploits: 0 · References: 2

SUSE CVE
added 2023/05/30 2:22 a.m. · 4 views

SUSE CVE-2023-32307

Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to GHSA-8599-x7rq-fr54, several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of attributes length check...

CVSS 7.5 · AI score 7 · EPSS 0.01056
Exploits: 0 · References: 3

OSV
added 2023/05/26 11:15 p.m. · 3 views

DEBIAN-CVE-2023-32307

Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to GHSA-8599-x7rq-fr54, several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of attributes length check...

CVSS 7.5 · AI score 7.3 · EPSS 0.01056
Exploits: 0 · References: 1

OSV
added 2023/05/26 11:15 p.m. · 3 views

UBUNTU-CVE-2023-32307

Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to GHSA-8599-x7rq-fr54, several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of attributes length check...

CVSS 7.5 · AI score 7.1 · EPSS 0.01056
Exploits: 0 · References: 5

Positive Technologies
added 2023/05/26 12:00 a.m. · 6 views

PT-2023-23716

Name of the Vulnerable Software and Affected Versions: Sofia-SIP versions prior to 1.13.15 Description: Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Several potential heap-over-flow and integer-overflow vulnerabilities were found in stun parse...

CVSS 7.8 · AI score 7.1 · EPSS 0.01056
Exploits: 0 · References: 32

OSV
added 2023/03/16 9:15 p.m. · 8 views

CVE-2023-22881

Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service...

CVSS 7.5 · AI score 7.1 · EPSS 0.01122
Exploits: 0 · References: 1

Vulnrichment
added 2023/03/16 12:00 a.m. · 8 views

CVE-2023-22881 Denial of Service in Zoom Clients

Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service...

CVSS 6.5 · AI score 7.4 · EPSS 0.01122
Exploits: 0 · References: 1

Cvelist
added 2023/03/16 12:00 a.m. · 25 views

CVE-2023-22881 Denial of Service in Zoom Clients

Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service...

CVSS 6.5 · AI score 7.8 · EPSS 0.01122
Exploits: 0 · References: 1

Vulnrichment
added 2023/03/16 12:00 a.m. · 10 views

CVE-2023-22882 Denial of Service in Zoom Clients

Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service...

CVSS 6.5 · AI score 7.4 · EPSS 0.01142
Exploits: 0 · References: 1

SUSE CVE
added 2023/02/15 3:21 a.m. · 4 views

SUSE CVE-2023-22741

Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. In affected versions Sofia-SIP lacks both message length and attributes length checks when it handles STUN packets, leading to controllable heap-over-flow. For example, in stun_parse_attribute, after ...

CVSS 9.8 · AI score 9.7 · EPSS 0.0238
Exploits: 1 · References: 3

OSV
added 2022/12/23 3:15 p.m. · 4 views

UBUNTU-CVE-2022-23547

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability...

CVSS 9.8 · AI score 7.4 · EPSS 0.00945
Exploits: 0 · References: 6

Positive Technologies
added 2022/12/23 12:00 a.m. · 8 views

PT-2022-16066 · Pjsua-Lib +5

Name of the Vulnerable Software and Affected Versions: PJSIP affected versions not specified Description: The issue is related to a possible buffer overread when parsing a certain STUN message. This affects applications that use STUN, including PJNATH and PJSUA-LIB. The problem is similar to...

CVSS 9.8 · AI score 7.5 · EPSS 0.0462
Exploits: 2 · References: 93

Veracode
added 2022/12/21 6:48 a.m. · 37 views

Heap-Based Buffer Overflow

libpjsip.so is vulnerable to heap-based buffer overflow. An attacker is able to cause buffer overread by parsing a specially crafted STUN message with unknown attribute via multiple functions. This only affects applications using STUN including PJNATH and PJSUA-LIB...

CVSS 9.8 · AI score 8.8 · EPSS 0.01026
Exploits: 0 · References: 3 · Affected Software: 3

OSV
added 2022/12/20 7:15 p.m. · 4 views

DEBIAN-CVE-2022-23537

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...

CVSS 9.8 · AI score 8.3 · EPSS 0.01026
Exploits: 0 · References: 1