Lucene search
K

509 matches found

Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.8 views

PT-2026-3119

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC versions prior to 21.2R3-S10 Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC versions 21.4 through 21.4R3-S12 Juniper Networks Junos OS o...

8.7CVSS6.6AI score0.00367EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2026/01/09 12:0 a.m.5 views

(0Day) ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SIP calls. The issue results from the lack of...

8.1CVSS7.6AI score0.00631EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.9 views

PT-2026-2020

Name of the Vulnerable Software and Affected Versions ALGO 8180 IP Audio Alerter affected versions not specified Description A flaw exists in the handling of the Alert-Info header within SIP INVITE requests. The issue stems from insufficient validation of user-supplied data length before copying ...

8.1CVSS8.3AI score0.00631EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/01/09 12:0 a.m.13 views

Multi-Regional Cloud Honeypot Dataset (MURHCAD)

This data article introduces a comprehensive, high-resolution honeynet dataset designed to support standalone analyses of global cyberattack behaviors. Collected over a continuous 72-hour window June 9 to 11, 2025 on Microsoft Azure, the dataset comprises 132,425 individual attack events captured...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/07 9:48 a.m.9 views

CVE-2022-27928

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol...

7.5CVSS7AI score0.0101EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/30 2:2 p.m.5 views

CVE-2025-15251 beecue FastBee SIP Message ReqAbstractHandler.java getRootElement xml external entity reference

A vulnerability was detected in beecue FastBee up to 2.1. Impacted is the function getRootElement of the file springboot/fastbee-server/sip-server/src/main/java/com/fastbee/sip/handler/req/ReqAbstractHandler.java of the component SIP Message Handler. The manipulation results in xml external entit...

6.3CVSS6.4AI score0.00288EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/30 2:2 p.m.25 views

CVE-2025-15251 beecue FastBee SIP Message ReqAbstractHandler.java getRootElement xml external entity reference

A vulnerability was detected in beecue FastBee up to 2.1. Impacted is the function getRootElement of the file springboot/fastbee-server/sip-server/src/main/java/com/fastbee/sip/handler/req/ReqAbstractHandler.java of the component SIP Message Handler. The manipulation results in xml external entit...

6.3CVSS0.00288EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.3 views

SIPGO 安全漏洞

SIPGO is a SIP library for writing fast SIP services in GO by Emia Individual Developers. A security vulnerability exists in SIPGO versions 0.3.0 up to and including 1.0.0-alpha-1, which stems from the presence of a null pointer dereference in the NewResponseFromRequest function, which may cause ...

8.7CVSS6.4AI score0.00487EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.5 views

Kamailio 代码问题漏洞

Kamailio is an open source implementation of a SIP signaling server from Kamailio Open Source. A code issue vulnerability exists in Kamailio version 5.5, which stems from a null pointer dereference in the function yyerrorat in the file src/core/cfg.y, which could lead to a local attack...

5.5CVSS4.1AI score0.00211EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2025/10/24 12:0 a.m.4 views

Cisco Desk/IP/Video Phone Cross Site Scripting (cisco-sa-phone-dos-FPyjLV7A) (CVE-2025-20351)

According to its self-reported version, the remote Cisco Desk, IP, or Video Phone running SIP Software is affected by a cross site scripting vulnerability: - A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisc...

6.1CVSS5.7AI score0.00262EPSS
Exploits0References11
Cvelist
Cvelist
added 2025/10/15 4:15 p.m.7 views

CVE-2025-20351 Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Cross-Site Scripting Vulnerability

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI. This vulnerability exists because the web ...

6.1CVSS0.00262EPSS
Exploits0References1
CVE
CVE
added 2025/10/15 4:14 p.m.14 views

CVE-2025-20329

The CVE-2025-20329 entry describes a vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software. When SIP media component logging is enabled, unencrypted credentials are stored, allowing an authenticated attacker with valid administrative cr...

4.9CVSS6.1AI score0.00332EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2025/10/15 12:0 a.m.12 views

Cisco TelePresence Collaboration Endpoint Software 日志信息泄露漏洞

Cisco TelePresence Collaboration Endpoint Software is a suite of collaboration endpoint software from Cisco. A log information disclosure vulnerability exists in Cisco TelePresence Collaboration Endpoint Software, which stems from unencrypted credentials being stored when logging is enabled for t...

4.9CVSS5.9AI score0.00332EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/15 12:0 a.m.6 views

Cisco SIP Software 安全漏洞

Cisco SIP Software is a SIP protocol software system from Cisco USA. A security vulnerability exists in Cisco SIP Software that stems from a buffer overflow when processing HTTP packets, which could lead to a denial of service attack...

7.5CVSS6.8AI score0.00446EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/10/10 4:20 p.m.8 views

CVE-2025-52960

A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When memory utilization is high, and specific SIP...

8.2CVSS6.8AI score0.00309EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/09 6:30 p.m.5 views

EUVD-2025-33402

A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When memory utilization is high, and specific...

8.2CVSS6.4AI score0.00309EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/09 3:40 p.m.4 views

CVE-2025-52960 Junos OS: SRX Series and MX Series: Receipt of specific SIP packets in a high utilization situation causes a flowd/mspmand crash

A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When memory utilization is high, and specific...

8.2CVSS6.2AI score0.00309EPSS
Exploits0References2
CVE
CVE
added 2025/10/09 3:40 p.m.30 views

CVE-2025-52960

CVE-2025-52960 affects Juniper Networks Junos OS on SRX Series and MX Series, caused by a Buffer Copy without Checking Size in the SIP ALG (flowd/mspmand). The underlying issue occurs when memory utilization is high and specific SIP packets arrive, crashing the flowd process and causing a DoS; th...

8.2CVSS6.2AI score0.00309EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/09 12:0 a.m.6 views

PT-2025-41399

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 22.4R3-S7 Juniper Networks Junos OS versions 23.2 through 23.2R2-S4 Juniper Networks Junos OS versions 23.4 through 23.4R2-S5 Juniper Networks Junos OS versions 24.2 through 24.2R2 Description A buff...

8.2CVSS6.8AI score0.00309EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/10/08 12:0 a.m.4 views

Juniper Junos OS Vulnerability (JSA103143)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA103143 advisory. - A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows ...

8.2CVSS5.6AI score0.00309EPSS
Exploits0References2
Rows per page
Query Builder