509 matches found
PT-2026-3119
Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC versions prior to 21.2R3-S10 Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC versions 21.4 through 21.4R3-S12 Juniper Networks Junos OS o...
(0Day) ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SIP calls. The issue results from the lack of...
PT-2026-2020
Name of the Vulnerable Software and Affected Versions ALGO 8180 IP Audio Alerter affected versions not specified Description A flaw exists in the handling of the Alert-Info header within SIP INVITE requests. The issue stems from insufficient validation of user-supplied data length before copying ...
Multi-Regional Cloud Honeypot Dataset (MURHCAD)
This data article introduces a comprehensive, high-resolution honeynet dataset designed to support standalone analyses of global cyberattack behaviors. Collected over a continuous 72-hour window June 9 to 11, 2025 on Microsoft Azure, the dataset comprises 132,425 individual attack events captured...
CVE-2022-27928
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol...
CVE-2025-15251 beecue FastBee SIP Message ReqAbstractHandler.java getRootElement xml external entity reference
A vulnerability was detected in beecue FastBee up to 2.1. Impacted is the function getRootElement of the file springboot/fastbee-server/sip-server/src/main/java/com/fastbee/sip/handler/req/ReqAbstractHandler.java of the component SIP Message Handler. The manipulation results in xml external entit...
CVE-2025-15251 beecue FastBee SIP Message ReqAbstractHandler.java getRootElement xml external entity reference
A vulnerability was detected in beecue FastBee up to 2.1. Impacted is the function getRootElement of the file springboot/fastbee-server/sip-server/src/main/java/com/fastbee/sip/handler/req/ReqAbstractHandler.java of the component SIP Message Handler. The manipulation results in xml external entit...
SIPGO 安全漏洞
SIPGO is a SIP library for writing fast SIP services in GO by Emia Individual Developers. A security vulnerability exists in SIPGO versions 0.3.0 up to and including 1.0.0-alpha-1, which stems from the presence of a null pointer dereference in the NewResponseFromRequest function, which may cause ...
Kamailio 代码问题漏洞
Kamailio is an open source implementation of a SIP signaling server from Kamailio Open Source. A code issue vulnerability exists in Kamailio version 5.5, which stems from a null pointer dereference in the function yyerrorat in the file src/core/cfg.y, which could lead to a local attack...
Cisco Desk/IP/Video Phone Cross Site Scripting (cisco-sa-phone-dos-FPyjLV7A) (CVE-2025-20351)
According to its self-reported version, the remote Cisco Desk, IP, or Video Phone running SIP Software is affected by a cross site scripting vulnerability: - A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisc...
CVE-2025-20351 Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Cross-Site Scripting Vulnerability
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI. This vulnerability exists because the web ...
CVE-2025-20329
The CVE-2025-20329 entry describes a vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software. When SIP media component logging is enabled, unencrypted credentials are stored, allowing an authenticated attacker with valid administrative cr...
Cisco TelePresence Collaboration Endpoint Software 日志信息泄露漏洞
Cisco TelePresence Collaboration Endpoint Software is a suite of collaboration endpoint software from Cisco. A log information disclosure vulnerability exists in Cisco TelePresence Collaboration Endpoint Software, which stems from unencrypted credentials being stored when logging is enabled for t...
Cisco SIP Software 安全漏洞
Cisco SIP Software is a SIP protocol software system from Cisco USA. A security vulnerability exists in Cisco SIP Software that stems from a buffer overflow when processing HTTP packets, which could lead to a denial of service attack...
CVE-2025-52960
A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When memory utilization is high, and specific SIP...
EUVD-2025-33402
A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When memory utilization is high, and specific...
CVE-2025-52960 Junos OS: SRX Series and MX Series: Receipt of specific SIP packets in a high utilization situation causes a flowd/mspmand crash
A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When memory utilization is high, and specific...
CVE-2025-52960
CVE-2025-52960 affects Juniper Networks Junos OS on SRX Series and MX Series, caused by a Buffer Copy without Checking Size in the SIP ALG (flowd/mspmand). The underlying issue occurs when memory utilization is high and specific SIP packets arrive, crashing the flowd process and causing a DoS; th...
PT-2025-41399
Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 22.4R3-S7 Juniper Networks Junos OS versions 23.2 through 23.2R2-S4 Juniper Networks Junos OS versions 23.4 through 23.4R2-S5 Juniper Networks Junos OS versions 24.2 through 24.2R2 Description A buff...
Juniper Junos OS Vulnerability (JSA103143)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA103143 advisory. - A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows ...