CVE-2023-31289

Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort...

CVE-2023-31289

Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort...

CVE-2023-31289

Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort...

PT-2023-23275 · Pexip · Pexip Infinity

Name of the Vulnerable Software and Affected Versions: Pexip Infinity versions prior to 31.2 Description: The issue is related to improper input validation for signalling, which allows remote attackers to trigger an abort. Recommendations: For versions prior to 31.2, update to version 31.2 or lat...

CVE-2023-31289

CVE-2023-31289 affects Pexip Infinity prior to version 31.2. The root cause is improper input validation for signalling, allowing remote attackers to trigger a service abort. Impact is a potential denial of service. Remediation per available sources is to upgrade to version 31.2 or later or apply...

SUSE-SU-2023:4454-1 Security update for postgresql12

This update for postgresql12 fixes the following issues: Security issues fixed: CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT 'any' aggregate functions. This error led to a text-type value being interpreted as an unknown-type value that is, a zero-terminated string at runtime...

SUSE CVE-2018-7418

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value...

CVE-2019-11760

A flaw was discovered in Mozilla Firefox and Thunderbird where a fixed-stack buffer overflow could occur during WebRTC signalling. The vulnerability could lead to an exploitable crash or leak data...

Amazon Linux 2 : thunderbird (ALAS-2019-1376)

Several memory safety bugs were discovered in Mozilla Firefox and Thunderbird. Memory corruption and arbitrary code execution are possible with these vulnerabilities. These bugs can be exploited over the network.CVE-2019-11764 A flaw was discovered in both Firefox and Thunderbird where 4 bytes of...

ABB 1SVR427032R0000 CP-E 24 2.5 Power Supply Detection

Binary data 756480.prm...

Adventures in Video Conferencing Part 4: What Didn't Work Out with WhatsApp

Posted by Natalie Silvanovich, Project Zero Not every attempt to find bugs is successful. When looking at WhatsApp, we spent a lot of time reviewing call signalling hoping to find a remote, interaction-less vulnerability. No such bugs were found. We are sharing our work with the hopes of saving...

Adventures in Video Conferencing Part 1: The Wild World of WebRTC

Posted by Natalie Silvanovich, Project Zero Over the past five years, video conferencing support in websites and applications has exploded. Facebook, WhatsApp, FaceTime and Signal are just a few of the many ways that users can make audio and video calls across networks. While a lot of research ha...

Multiple Huawei Products Cross-Border Read Vulnerability

Huawei DP300 and others are products of Huawei, China.DP300 is a video conferencing terminal.RP200 is an all-in-one video conferencing device. An out-of-bounds read vulnerability exists in several Huawei products, where the program fails to adequately perform input validation of values in message...

CVE-2017-17316

Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to contr...

CVE-2017-17316

Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to contr...

CVE-2017-17316

CVE-2017-17316 affects Huawei DP300, RP200, V600R006C00, TE30/TE40/TE50/TE60 and V500R002C00/V600R006C00 variants. The root cause is insufficient input validation in Signalling Connection Control Part (SCCP) message handling, leading to an out-of-bounds read. An unauthenticated, remote attacker m...

Multiple Huawei products cross-border read vulnerability (CNVD-2017-34420)

Huawei RP200 and TE series are Huawei's all-in-one desktop and high-definition videoconferencing products for high-end customers. The out-of-bounds read vulnerability exists in several Huawei products, as the devices fail to adequately verify user input. A remote attacker could exploit this...

How SS7 Flaw Can Be Used to Hack Gmail ID and Bitcoin Wallet

By Waqas An old vulnerability in the Signalling System No. 7 SS7 This is a post from HackRead.com Read the original post: How SS7 Flaw Can Be Used to Hack Gmail ID and Bitcoin Wallet...

VoIP Penetration Testing Kit: Viproy

Viproy Voip Pen-Test Kit provides penetration testing modules for VoIP networks. It supports signalling analysis for SIP and Skinny protocols, IP phone services and network infrastructure. Viproy 2.0 is released at Blackhat Arsenal USA 2014 with TCP/TLS support for SIP, vendor extentions support,...

wireshark: SigComp UDVM dissector buffer overruns

Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors...