Lucene search
K

129 matches found

CNNVD
CNNVD
added 2022/03/22 12:0 a.m.6 views

PJSIP 安全漏洞

PJSIP is a free and open source multimedia communication library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. A security vulnerability exists in PJSIP 2.12 and earlier versions that stems from a stack-based buffer overflow vulnerability in...

7.5CVSS7.6AI score0.02303EPSS
Exploits0References14
CNNVD
CNNVD
added 2021/03/01 12:0 a.m.6 views

Qualcomm 封闭源组件 安全漏洞

The Qualcomm Component is a component of Qualcomm Incorporated USA. An intrinsic part that provides the functionality of Qualcomm devices. A security vulnerability exists in the Qualcomm Closed Source Component that stems from the absence of a NULL termination check on the SDP, where a buffer...

9.1CVSS8.5AI score0.00959EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/03/01 12:0 a.m.6 views

Qualcomm 封闭源组件安全漏洞

A security vulnerability exists in the Qualcomm Closed Source component that stems from the absence of a NULL termination check on the SDP, which may result in a buffer over-read when parsing received SDP values...

9.1CVSS8.5AI score0.00959EPSS
Exploits0References3
OSV
OSV
added 2021/02/18 8:15 p.m.5 views

ALPINE-CVE-2021-26717

An issue was discovered in Sangoma Asterisk 16.x before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6. When re-negotiating for T.38, if the initial remote response was delayed just enough, Asterisk would send both audio and T.38 in the SDP. If this...

7.5CVSS7AI score0.02177EPSS
Exploits0References1
OSV
OSV
added 2021/02/18 8:15 p.m.4 views

DEBIAN-CVE-2021-26906

An issue was discovered in respjsipsession.c in Digium Asterisk through 13.38.1; 14.x, 15.x, and 16.x through 16.16.0; 17.x through 17.9.1; and 18.x through 18.2.0, and Certified Asterisk through 16.8-cert5. An SDP negotiation vulnerability in PJSIP allows a remote server to potentially crash...

5.9CVSS6AI score0.02547EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/02/18 12:0 a.m.7 views

Digium Asterisk Security Vulnerability

Digium Asterisk is a set of open source telephone exchange PBX system software from Digium, USA. The software supports voicemail, multi-party voice conferencing, interactive voice response IVR, and more. A security vulnerability exists in Digium Asterisk. The vulnerability stems from allowing a...

5.9CVSS6.3AI score0.02547EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2021/02/18 12:0 a.m.7 views

PT-2021-17165 · Asterisk +2 · Asterisk +2

Name of the Vulnerable Software and Affected Versions: Asterisk versions 13.38.1 and earlier, 14.x, 15.x, 16.x through 16.16.0, 17.x through 17.9.1, and 18.x through 18.2.0 Certified Asterisk versions 16.8-cert5 and earlier Description: An issue in res pjsip session.c allows a remote server to...

8.8CVSS6.1AI score0.4557EPSS
Exploits13References47
Kitploit
Kitploit
added 2020/10/12 11:30 a.m.46 views

Wave-Share - Serverless, Peer-To-Peer, Local File Sharing Through Sound

A proof-of-concept for WebRTC signaling using sound. Works with all devices that have microphone + speakers. Runs in the browser. Nearby devices negotiate the WebRTC connection by exchanging the necessary Session Description Protocol SDP data via a sequence of audio tones. Upon successful...

6.8AI score
Exploits0References3
CNVD
CNVD
added 2020/06/16 12:0 a.m.4 views

Meetecho Janus Buffer Overflow Vulnerability (CNVD-2020-53119)

Meetecho Janus is a WebRTC Web Real Time Communication server from Meetecho. A buffer overflow vulnerability exists in the 'janusstreamingrtspparsesdp' function in the plugins/janusstreaming.c file in Meetecho Janus 0.10.0 and earlier versions, which originates when the program fails to properly...

9.8CVSS8.2AI score0.01897EPSS
Exploits0References1
OSV
OSV
added 2020/06/15 5:15 p.m.4 views

DEBIAN-CVE-2020-14034

An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janusgetcodecfrompt in utils.c has a Buffer Overflow via long value in an SDP Offer packet...

9.8CVSS8.5AI score0.02288EPSS
Exploits0References1
OSV
OSV
added 2020/06/15 5:15 p.m.3 views

DEBIAN-CVE-2020-14033

An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janusstreamingrtspparsesdp in plugins/janusstreaming.c has a Buffer Overflow via a crafted RTSP server...

9.8CVSS8.5AI score0.01897EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/01/13 12:0 a.m.5 views

The vulnerability of the VoIP device Mitel MiVoice 5330e arises from an operation that goes beyond the buffer in memory, allowing an attacker to trigger a service failure and execute arbitrary code.

The vulnerability of the VoIP device Mitel MiVoice 5330e arises from an operation that goes beyond the buffer in memory during the processing of SIP/SDP packets. Exploiting this vulnerability allows a malicious actor to cause service failures and execute arbitrary codes...

10CVSS8.3AI score0.04867EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2019/07/12 8:15 p.m.3 views

DEBIAN-CVE-2019-13161

An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chansip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to a...

5.3CVSS6.9AI score0.04031EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2019/07/12 8:15 p.m.4 views

CVE-2019-13161

An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chansip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to a...

5.3CVSS5.6AI score0.04031EPSS
Exploits0References5
OSV
OSV
added 2019/07/12 8:15 p.m.5 views

UBUNTU-CVE-2019-13161

An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chansip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to a...

5.3CVSS6.2AI score0.04031EPSS
Exploits0References4
OSV
OSV
added 2019/03/28 5:29 p.m.4 views

ALPINE-CVE-2019-7251

An Integer Signedness issue for a return code in the respjsipsdprtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation...

6.5CVSS6.7AI score0.03811EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/02/21 12:0 a.m.6 views

The vulnerability of the Cisco Meeting Server platform, which exists due to insufficient validation of input data, allows a hacker to trigger a service failure.

The vulnerability of the Cisco Meeting Server platform exists due to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor to trigger a service failure using a specially crafted SDP message...

6.8CVSS6.9AI score0.0182EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2019/02/12 12:0 a.m.5 views

Cisco Meeting Server Denial of Service Vulnerability (CNVD-2019-16513)

Cisco Meeting Server formerly known as Acano Conferencing Server, CMS is the United States Cisco Cisco company's set of audio and video conferencing server software. A denial of service vulnerability exists in Session Initiation Protocol SIP call processing in Cisco Meeting Server CMS versions...

7.5CVSS6.8AI score0.0182EPSS
Exploits0References1
OSV
OSV
added 2019/02/08 6:29 p.m.4 views

CVE-2019-1676

A vulnerability in the Session Initiation Protocol SIP call processing of Cisco Meeting Server CMS software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of the Cisco Meeting Server. The vulnerability is due to insufficient validation of Session...

7.5CVSS6.9AI score0.0182EPSS
Exploits0References2
OSV
OSV
added 2018/10/23 9:30 p.m.6 views

CVE-2018-15497

The Mitel MiVoice 5330e VoIP device is affected by memory corruption flaws in the SIP/SDP packet handling functionality. An attacker can exploit this issue remotely, by sending a particular pattern of SIP/SDP packets, to cause a denial of service state in the affected devices and probably remote...

9.8CVSS6AI score0.04867EPSS
Exploits1References2
Rows per page
Query Builder