132 matches found
PT-2026-35059
Name of the Vulnerable Software and Affected Versions PJSIP versions prior to 2.17 Description An integer overflow occurs in the media stream buffer size calculation when processing Session Description Protocol SDP with asymmetric ptime configuration. This overflow can lead to an undersized buffe...
netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp
...
CVE-2026-31427
A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntracksip module. This vulnerability occurs in the processsdp function when the rtpaddr variable is used without proper initialization if the Session Description Protocol SDP body lacks recognized media types...
EUVD-2026-21954
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntracksip: fix use of uninitialized rtpaddr in processsdp processsdp declares union nfinetaddr rtpaddr on the stack and passes it to the nfnatsip sdpsession hook after walking the SDP media descriptions. However...
UBUNTU-CVE-2026-31427
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntracksip: fix use of uninitialized rtpaddr in processsdp processsdp declares union nfinetaddr rtpaddr on the stack and passes it to the nfnatsip sdpsession hook after walking the SDP media descriptions. However...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the processsdp function using an uninitialized rtpaddr, potentially leading to incorrect rewriting of S...
CVE-2026-33069
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a cascading out-of-bounds heap read in pjsipmultipartparse. After boundary string matching, curptr is advanced past the delimiter without verifying it has not reached the buffer end. This...
CVE-2026-33069
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a cascading out-of-bounds heap read in pjsipmultipartparse. After boundary string matching, curptr is advanced past the delimiter without verifying it has not reached the buffer end. This...
CVE-2026-33069
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a cascading out-of-bounds heap read in pjsipmultipartparse. After boundary string matching, curptr is advanced past the delimiter without verifying it has not reached the buffer end. This...
CVE-2025-68136
EVerest is an EV charging software stack. Prior to version 2025.10.0, once the module receives a SDP request, it creates a whole new set of objects like Session, IConnection which open new TCP socket for the ISO15118-20 communications and registers callbacks for the created file descriptor, witho...
CVE-2025-68136 EVerest's inadequate session handling can lead to memory-related errors or exhaustion of the operating system’s file descriptors, resulting in a denial of service
EVerest is an EV charging software stack. Prior to version 2025.10.0, once the module receives a SDP request, it creates a whole new set of objects like Session, IConnection which open new TCP socket for the ISO15118-20 communications and registers callbacks for the created file descriptor, witho...
CVE-2025-68136
EVerest is an EV charging software stack. Prior to version 2025.10.0, once the module receives a SDP request, it creates a whole new set of objects like Session, IConnection which open new TCP socket for the ISO15118-20 communications and registers callbacks for the created file descriptor, witho...
CVE-2025-68136 EVerest's inadequate session handling can lead to memory-related errors or exhaustion of the operating system’s file descriptors, resulting in a denial of service
EVerest is an EV charging software stack. Prior to version 2025.10.0, once the module receives a SDP request, it creates a whole new set of objects like Session, IConnection which open new TCP socket for the ISO15118-20 communications and registers callbacks for the created file descriptor, witho...
EUVD-2025-206322
EVerest is an EV charging software stack. Prior to version 2025.10.0, C++ exceptions are not properly handled for and by the TbdController loop, leading to its caller and itself to silently terminates. Thus, this leads to a denial of service as it is responsible of SDP and ISO15118-20 servers...
PT-2026-3847
Name of the Vulnerable Software and Affected Versions EVerest versions prior to 2025.10.0 Description The software does not properly handle C++ exceptions within the TbdController loop. This can cause the loop and its caller to terminate unexpectedly, resulting in a denial of service. The...
EUVD-2016-7371
Malware in sbrugna...
EUVD-2013-2624
Malware in sbrugna...
EUVD-2019-10233
Malware in sbrugna...
EUVD-2015-0665
Malware in sbrugna...
EUVD-2023-28097
Malicious code in bioql PyPI...