189 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-13161
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through...
Linux Distros Unpatched Vulnerability : CVE-2022-39244
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and...
Linux Distros Unpatched Vulnerability : CVE-2019-7251
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Integer Signedness issue for a return code in the respjsipsdprtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote...
Linux Distros Unpatched Vulnerability : CVE-2022-24764
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affect...
Linux Distros Unpatched Vulnerability : CVE-2021-26717
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Sangoma Asterisk 16.x before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6. When...
Linux Distros Unpatched Vulnerability : CVE-2020-14034
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janusgetcodecfrompt in utils.c has a Buffer Overflow via long value in an SDP...
Linux Distros Unpatched Vulnerability : CVE-2020-13898
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janussdpprocess in sdp.c has a NULL pointer dereference. CVE-2020-13898 Note th...
Sony XAV-AX8500 输入验证错误漏洞
The SONY XAV-AX8500 is a car AV receiver with enhanced features. The SONY XAV-AX8500 suffers from an input validation error vulnerability that stems from an improper implementation of the Bluetooth SDP protocol resulting in an integer overflow, which can be exploited by an attacker to execute...
CVE-2023-26497
An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5125. Memory corruption can occur when processing Session Description Negotiation for Video Configuration Attribute...
CVE-2023-27600
OpenSIPS is a Session Initiation Protocol SIP server implementation. Prior to versions 3.1.7 and 3.2.4, OpenSIPS crashes when a malformed SDP body is received and is processed by the deletesdpline function in the sipmsgops module. This issue can be reproduced by calling the function with an SDP...
CVE-2023-27596
OpenSIPS is a Session Initiation Protocol SIP server implementation. Prior to versions 3.1.8 and 3.2.5, OpenSIPS crashes when a malformed SDP body is sent multiple times to an OpenSIPS configuration that makes use of the streamprocess function. This issue was discovered during coverage guided...
CVE-2023-24033
The Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T512 baseband modem chipsets do not properly check format types specified by the Session Description Protocol SDP module, which can lead to a denial of service...
CVE-2020-11189
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2020-11190
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
PT-2025-5652 · Git +1 · Kamailio
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 1 crash has been reported. The crash involves the functions extract mediaip, parse sdp session, and parse mixed content. No...
PT-2024-40617 · Git +1 · Kamailio
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A heap-buffer-overflow READ 6 crash has been reported. The crash involves the functions extract fmtp, parse sdp session, and parse mixed content...
PT-2024-40604 · Git +1 · Kamailio
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 6 crash occurred, involving the functions extract sendrecv mode, parse sdp session, and parse mixed content. Recommendations:...
PT-2024-37412
Name of the Vulnerable Software and Affected Versions: BT: Classic affected versions not specified Description: The issue concerns an SDP OOB access vulnerability in the get att search list function of BT Classic. Recommendations: At the moment, there is no information about a newer version that...
CVE-2024-6974
Cato Networks Windows SDP Client Local Privilege Escalation via self-upgradeThis issue affects SDP Client: before 5.10.34...
CVE-2024-20895
Improper access control in Dar service prior to SMR Jul-2024 Release 1 allows local attackers to bypass restriction for calling SDP features...