Lucene search
K

189 matches found

osv
osv
added 2022/03/22 5:15 p.m.4 views

UBUNTU-CVE-2022-24764

PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the API pjmediasdpprint, pjmediasdpmediaprint. Applications that do not use PJSUA2 and do not directly...

7.5CVSS7.5AI score0.02303EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2022/03/22 12:0 a.m.4 views

PT-2022-2681 · Pjsip +4 · Pjsip +4

Name of the Vulnerable Software and Affected Versions: PJSIP versions 2.12 and prior Description: The issue is related to a stack buffer overflow vulnerability in the PJSIP multimedia communication library, specifically affecting users of PJSUA2 or those who call the API endpoints pjmedia sdp pri...

9.8CVSS9AI score0.16406EPSS
Exploits2References115
cnnvd
cnnvd
added 2022/03/22 12:0 a.m.7 views

PJSIP 安全漏洞

PJSIP is a free and open source multimedia communication library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. A security vulnerability exists in PJSIP 2.12 and earlier versions that stems from a stack-based buffer overflow vulnerability in...

7.5CVSS7.6AI score0.02303EPSS
Exploits0References14
cnnvd
cnnvd
added 2021/03/01 12:0 a.m.7 views

Qualcomm 封闭源组件安全漏洞

A security vulnerability exists in the Qualcomm Closed Source component that stems from the absence of a NULL termination check on the SDP, which may result in a buffer over-read when parsing received SDP values...

9.1CVSS8.5AI score0.00959EPSS
Exploits0References3
cnnvd
cnnvd
added 2021/03/01 12:0 a.m.7 views

Qualcomm 封闭源组件 安全漏洞

The Qualcomm Component is a component of Qualcomm Incorporated USA. An intrinsic part that provides the functionality of Qualcomm devices. A security vulnerability exists in the Qualcomm Closed Source Component that stems from the absence of a NULL termination check on the SDP, where a buffer...

9.1CVSS8.5AI score0.00959EPSS
Exploits0References3
osv
osv
added 2021/02/18 8:15 p.m.4 views

ALPINE-CVE-2021-26906

An issue was discovered in respjsipsession.c in Digium Asterisk through 13.38.1; 14.x, 15.x, and 16.x through 16.16.0; 17.x through 17.9.1; and 18.x through 18.2.0, and Certified Asterisk through 16.8-cert5. An SDP negotiation vulnerability in PJSIP allows a remote server to potentially crash...

5.9CVSS7.1AI score0.02547EPSS
Exploits0References1
osv
osv
added 2021/02/18 8:15 p.m.5 views

DEBIAN-CVE-2021-26906

An issue was discovered in respjsipsession.c in Digium Asterisk through 13.38.1; 14.x, 15.x, and 16.x through 16.16.0; 17.x through 17.9.1; and 18.x through 18.2.0, and Certified Asterisk through 16.8-cert5. An SDP negotiation vulnerability in PJSIP allows a remote server to potentially crash...

5.9CVSS6AI score0.02547EPSS
Exploits0References1
osv
osv
added 2021/02/18 8:15 p.m.6 views

ALPINE-CVE-2021-26717

An issue was discovered in Sangoma Asterisk 16.x before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6. When re-negotiating for T.38, if the initial remote response was delayed just enough, Asterisk would send both audio and T.38 in the SDP. If this...

7.5CVSS7AI score0.02177EPSS
Exploits0References1
cnnvd
cnnvd
added 2021/02/18 12:0 a.m.7 views

Digium Asterisk Security Vulnerability

Digium Asterisk is a set of open source telephone exchange PBX system software from Digium, USA. The software supports voicemail, multi-party voice conferencing, interactive voice response IVR, and more. A security vulnerability exists in Digium Asterisk. The vulnerability stems from allowing a...

5.9CVSS6.3AI score0.02547EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2021/02/18 12:0 a.m.8 views

PT-2021-17165 · Asterisk +2 · Asterisk +2

Name of the Vulnerable Software and Affected Versions: Asterisk versions 13.38.1 and earlier, 14.x, 15.x, 16.x through 16.16.0, 17.x through 17.9.1, and 18.x through 18.2.0 Certified Asterisk versions 16.8-cert5 and earlier Description: An issue in res pjsip session.c allows a remote server to...

8.8CVSS6.1AI score0.4557EPSS
Exploits13References47
kitploit
kitploit
added 2020/10/12 11:30 a.m.46 views

Wave-Share - Serverless, Peer-To-Peer, Local File Sharing Through Sound

A proof-of-concept for WebRTC signaling using sound. Works with all devices that have microphone + speakers. Runs in the browser. Nearby devices negotiate the WebRTC connection by exchanging the necessary Session Description Protocol SDP data via a sequence of audio tones. Upon successful...

6.8AI score
Exploits0References3
cnvd
cnvd
added 2020/06/16 12:0 a.m.4 views

Meetecho Janus Buffer Overflow Vulnerability (CNVD-2020-53119)

Meetecho Janus is a WebRTC Web Real Time Communication server from Meetecho. A buffer overflow vulnerability exists in the 'janusstreamingrtspparsesdp' function in the plugins/janusstreaming.c file in Meetecho Janus 0.10.0 and earlier versions, which originates when the program fails to properly...

9.8CVSS8.2AI score0.01897EPSS
Exploits0References1
osv
osv
added 2020/06/15 5:15 p.m.3 views

DEBIAN-CVE-2020-14033

An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janusstreamingrtspparsesdp in plugins/janusstreaming.c has a Buffer Overflow via a crafted RTSP server...

9.8CVSS8.5AI score0.01897EPSS
Exploits0References1
osv
osv
added 2020/06/15 5:15 p.m.5 views

DEBIAN-CVE-2020-14034

An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janusgetcodecfrompt in utils.c has a Buffer Overflow via long value in an SDP Offer packet...

9.8CVSS8.5AI score0.02288EPSS
Exploits0References1
osv
osv
added 2020/06/15 5:15 p.m.5 views

UBUNTU-CVE-2020-14034

An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janusgetcodecfrompt in utils.c has a Buffer Overflow via long value in an SDP Offer packet...

9.8CVSS7.3AI score0.02288EPSS
Exploits0References6
osv
osv
added 2020/06/10 10:15 p.m.4 views

DEBIAN-CVE-2020-13898

An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janussdpprocess in sdp.c has a NULL pointer dereference...

7.5CVSS7.3AI score0.02371EPSS
Exploits1References1
bdu_fstec
bdu_fstec
added 2020/01/13 12:0 a.m.6 views

The vulnerability of the VoIP device Mitel MiVoice 5330e arises from an operation that goes beyond the buffer in memory, allowing an attacker to trigger a service failure and execute arbitrary code.

The vulnerability of the VoIP device Mitel MiVoice 5330e arises from an operation that goes beyond the buffer in memory during the processing of SIP/SDP packets. Exploiting this vulnerability allows a malicious actor to cause service failures and execute arbitrary codes...

10CVSS8.3AI score0.04867EPSS
Exploits1References4Affected Software1
osv
osv
added 2019/07/12 8:15 p.m.4 views

DEBIAN-CVE-2019-13161

An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chansip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to a...

5.3CVSS6.9AI score0.04031EPSS
Exploits0References1
osv
osv
added 2019/07/12 8:15 p.m.6 views

UBUNTU-CVE-2019-13161

An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chansip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to a...

5.3CVSS6.2AI score0.04031EPSS
Exploits0References4
attackerkb
attackerkb
added 2019/07/12 8:15 p.m.5 views

CVE-2019-13161

An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chansip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to a...

5.3CVSS5.6AI score0.04031EPSS
Exploits0References5
Rows per page
Query Builder