Lucene search
K

189 matches found

CNNVD
CNNVD
added 2023/03/13 12:0 a.m.5 views

SAMSUNG Mobile Chipset 安全漏洞

SAMSUNG Mobile Chipset is a family of chips from Samsung South Korea. A security vulnerability exists in the SAMSUNG Mobile Chipset baseband module, which results in a denial of service due to the chipset not properly checking the format type specified by the Session Description Protocol SDP modu...

9.8CVSS8.3AI score0.34546EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/03/13 12:0 a.m.12 views

CVE-2023-24033

The Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T512 baseband modem chipsets do not properly check format types specified by the Session Description Protocol SDP module, which can lead to a denial of service...

7.5CVSS9.3AI score0.34546EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.3 views

SUSE CVE-2007-1561

The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service crash via a SIP INVITE message with an SDP containing one valid and one invalid IP address...

7.8CVSS6.8AI score0.14486EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:9 a.m.4 views

SUSE CVE-2008-0225

Heap-based buffer overflow in the rmffdumpcont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmffdumpheader function and related to disregarding the max field. NOTE...

6.4CVSS8.4AI score0.14969EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:9 a.m.5 views

SUSE CVE-2008-0238

Multiple heap-based buffer overflows in the rmffdumpcont function in input/libreal/rmff.c in xine-lib 1.1.9 allow remote attackers to execute arbitrary code via the SDP 1 Title, 2 Author, or 3 Copyright attribute, related to the rmffdumpheader function, different vectors than CVE-2008-0225. NOTE:...

7.5CVSS8.1AI score0.04211EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:8 a.m.5 views

SUSE CVE-2008-1289

Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18.1 and 1.4.19-rc3, Open Source 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6.1, AsteriskNOW 1.0.x before 1.0.2, Appliance Developer Kit before 1.4 revision 109386, and s800i 1.1.x before 1.1.0.2 allow remote...

7.5CVSS7.3AI score0.11523EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:8 a.m.4 views

SUSE CVE-2008-2374

src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field th...

9.8CVSS7.7AI score0.04287EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.2 views

SUSE CVE-2013-1576

The dissectsdpmediaattribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite parameters, which allows remote attackers to cause a denial of service infinite loop via a malformed packet...

2.9CVSS7.4AI score0.00728EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:38 a.m.4 views

SUSE CVE-2013-2685

Stack-based buffer overflow in res/resformatattrh264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers to execute arbitrary code via a long sprop-parameter-sets H.264 media attribute in a SIP Session Description Protocol SDP header...

7.5CVSS8.3AI score0.02621EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:39 a.m.4 views

SUSE CVE-2017-14767

The sdpparsefmtpconfigh264 function in libavformat/rtpdech264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service heap buffer overflow or possibly have unspecified other impact via a crafted sdp file...

8.8CVSS9.8AI score0.02712EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:29 a.m.5 views

SUSE CVE-2018-7285

A NULL pointer access issue was discovered in Asterisk 15.x through 15.2.1. The RTP support in Asterisk maintains its own registry of dynamic codecs and desired payload numbers. While an SDP negotiation may result in a codec using a different payload number, these desired ones are still stored...

7.5CVSS7.5AI score0.05132EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:20 a.m.4 views

SUSE CVE-2018-1000099

Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2...

7.5CVSS7.6AI score0.0354EPSS
Exploits0References3
OSV
OSV
added 2022/05/31 8:15 p.m.1 views

DEBIAN-CVE-2022-31001

Sofia-SIP is an open-source Session Initiation Protocol SIP User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause crash. This type of crash may be caused by define MATCHs, m strncmps, m, n = sizeofm - 1 == 0, which will make n...

7.5CVSS7.2AI score0.02022EPSS
Exploits1References1
OSV
OSV
added 2022/05/31 8:15 p.m.2 views

DEBIAN-CVE-2022-31003

Sofia-SIP is an open-source Session Initiation Protocol SIP User-Agent library. Prior to version 1.13.8, when parsing each line of a sdp message, rest = record + 2 will access the memory behind \0 and cause an out-of-bounds write. An attacker can send a message with evil sdp to FreeSWITCH, causin...

9.8CVSS8.9AI score0.0366EPSS
Exploits1References1
OSV
OSV
added 2022/05/31 8:15 p.m.2 views

UBUNTU-CVE-2022-31003

Sofia-SIP is an open-source Session Initiation Protocol SIP User-Agent library. Prior to version 1.13.8, when parsing each line of a sdp message, rest = record + 2 will access the memory behind \0 and cause an out-of-bounds write. An attacker can send a message with evil sdp to FreeSWITCH, causin...

9.8CVSS6.1AI score0.0366EPSS
Exploits1References5
OSV
OSV
added 2022/05/31 8:15 p.m.3 views

UBUNTU-CVE-2022-31001

Sofia-SIP is an open-source Session Initiation Protocol SIP User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause crash. This type of crash may be caused by define MATCHs, m strncmps, m, n = sizeofm - 1 == 0, which will make n...

7.5CVSS5.8AI score0.02022EPSS
Exploits1References5
OSV
OSV
added 2022/05/31 7:15 p.m.3 views

ALPINE-CVE-2022-31002

Sofia-SIP is an open-source Session Initiation Protocol SIP User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be caused by a URL ending with %. Version 1.13.8 contains a patch for this issue...

7.5CVSS6.9AI score0.01802EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/05/31 12:0 a.m.4 views

Sofia-SIP 缓冲区错误漏洞

Sofia-SIP is an open source SIP user agent library from the individual developers of freeswitch, compliant with the IETF RFC3261 specification. A buffer error vulnerability exists in Sofia-SIP versions prior to 1.13.8, which stems from a problematic define MATCHs, m strncmps, m, n = sizeofm - 1 =...

7.5CVSS7.1AI score0.02022EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2022/05/31 12:0 a.m.7 views

PT-2022-20448

Name of the Vulnerable Software and Affected Versions Sofia-SIP versions prior to 1.13.8 Description Sofia-SIP is an open-source Session Initiation Protocol SIP User-Agent library. An attacker can send a message with malicious sdp to FreeSWITCH, which may cause a crash. This type of crash may be...

7.8CVSS7.1AI score0.02022EPSS
Exploits1References38
CNNVD
CNNVD
added 2022/05/31 12:0 a.m.11 views

Sofia-SIP 缓冲区错误漏洞

Sofia-SIP is an open source SIP user agent library from the individual developers of freeswitch that conforms to the IETF RFC3261 specification. A security vulnerability exists in Sofia-SIP, which stems from an out-of-bounds write to memory accessed by an application parsing sdp messages. An...

9.8CVSS8.2AI score0.0366EPSS
Exploits1References11
Rows per page
Query Builder