6 matches found
UBUNTU-CVE-2026-26967
PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and below, there is a critical Heap-based Buffer Overflow vulnerability in PJSIP's H.264 unpacketizer. The bug occurs when processing malformed SRTP packets, where the unpacketizer reads a 2-byte NAL...
DEBIAN-CVE-2023-38703
PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not...
UBUNTU-CVE-2022-39269
PJSIP is a free and open source multimedia communication library written in C. When processing certain packets, PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart, causing the media to be sent insecurely. The vulnerability impacts all PJSIP users tha...
ALPINE-CVE-2021-26712
Incorrect access controls in ressrtp.c in Sangoma Asterisk 13.38.1, 16.16.0, 17.9.1, and 18.2.0 and Certified Asterisk 16.8-cert5 allow a remote unauthenticated attacker to prematurely terminate secure calls by replaying SRTP packets...
Unspecified Vulnerability in Mitel Networks 6800 and 6900 SIP Series
Mitel Networks 6800 SIP and Mitel Networks 6900 SIP are both products of Mitel Networks Canada.Mitel Networks 6800 SIP is a 6800 SIP series IP phone.Mitel Networks 6900 SIP is a 6900 Mitel Networks 6900 SIP is a 6900 SIP series IP phone. A security vulnerability exists in the SRTP 128-bit key...
openssl: SRTP memory leak causes crash when using specially-crafted handshake message
A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol SRTP extension data. A remote attacker could send multiple specially crafted handshake messages to exhaust all available memory of an SSL/TLS or DTLS server...