Lucene search
+L

453 matches found

OSV
OSV
added last week2 views

DEBIAN-CVE-2026-53448

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.12.0, the coturn HTTPS admin panel passes HTTP query parameters directly into SQL queries via snprintf string interpolation without sanitization. The issecurestring filter that protects the STUN protocol path is not...

7.2CVSS6.2AI score0.00677EPSS
Exploits1References1
Fedora
Fedora
added 2026/06/24 1:33 a.m.8 views

[SECURITY] Fedora 43 Update: coturn-4.13.1-1.fc43

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gatew ay. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying...

5.4CVSS5.8AI score0.00141EPSS
Exploits0
OSV
OSV
added 2026/06/18 8:16 p.m.9 views

DEBIAN-CVE-2026-43915

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.11.0 contain a stored cross-site scripting XSS vulnerability in the web-admin HTTPS interface. An attacker who can create a TURN allocation with a crafted USERNAME value can inject HTML/JavaScript that execut...

5.4CVSS5.6AI score0.00141EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/18 7:44 p.m.8 views

CVE-2026-43994

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...

9.8CVSS6.1AI score0.0045EPSS
Exploits1
OSV
OSV
added 2026/06/17 6:43 a.m.8 views

MGASA-2026-0217 Updated coturn packages fix security vulnerabilities

CVE-2026-40613 Coturn: Misaligned Memory Access in coturn STUN Attribute Parser Remote DoS on ARM64...

7.5CVSS5.3AI score0.01123EPSS
Exploits1References4
Mageia
Mageia
added 2026/06/17 6:43 a.m.9 views

Updated coturn packages fix security vulnerabilities

CVE-2026-40613 Coturn: Misaligned Memory Access in coturn STUN Attribute Parser Remote DoS on ARM64...

7.5CVSS5.3AI score0.01123EPSS
Exploits1References3
OSV
OSV
added 2026/06/12 12:28 p.m.8 views

OESA-2026-2683 sofia-sip security update

Sofia SIP is a RFC-3261-compliant library for SIP user agents and other network elements. The Session Initiation Protocol SIP is an application-layer control signaling protocol for creating, modifying, and terminating sessions with one or more participants. These sessions include Internet telepho...

7.5CVSS7.1AI score0.01647EPSS
Exploits1References3
OSV
OSV
added 2026/06/12 12:28 p.m.9 views

OESA-2026-2682 sofia-sip security update

Sofia SIP is a RFC-3261-compliant library for SIP user agents and other network elements. The Session Initiation Protocol SIP is an application-layer control signaling protocol for creating, modifying, and terminating sessions with one or more participants. These sessions include Internet telepho...

7.5CVSS7.1AI score0.01647EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.14 views

CVE-2026-49475

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser...

7.5CVSS5.4AI score0.00278EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.15 views

CVE-2026-49475

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser...

7.5CVSS0.00278EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 4:0 p.m.39 views

CVE-2026-49475 FreeSWITCH: Out-of-bounds memory access in core STUN attribute parsing

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser...

7.5CVSS0.00278EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 4:0 p.m.28 views

CVE-2026-49475

FreeSWITCH (core STUN attribute parsing) is affected. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser casts to can cause an out-of-bounds read/write on the per-leg media buffer. The issue has been patched in version 1.11.0. The CVE’s...

7.5CVSS5.4AI score0.00278EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 4:0 p.m.13 views

CVE-2026-49475 FreeSWITCH: Out-of-bounds memory access in core STUN attribute parsing

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser...

7.5CVSS5.4AI score0.00278EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

FreeSWITCH 输入验证错误漏洞

FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and short message-based products and applications. Prior to FreeSWITCH version 1.11.0, there was a...

7.5CVSS5.4AI score0.00278EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.21 views

PT-2026-47846

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser...

7.5CVSS5.4AI score0.00278EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/05 4:27 a.m.22 views

[SECURITY] Fedora 44 Update: libre-4.8.1-1.fc44

Libre is a generic library for real-time communications with async I/O support. Features are a SIP stack RFC 3261, SDP, RTP and RTCP, SRTP and SRTCP Secure RTP, DNS client, STUN/TURN/ICE stack, BFCP, HTTP stack with client/server, Websockets, Jitter buffer, async I/O poll, epoll, select, kqueue,...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/06/05 4:10 a.m.20 views

[SECURITY] Fedora 43 Update: libre-4.8.1-1.fc43

Libre is a generic library for real-time communications with async I/O support. Features are a SIP stack RFC 3261, SDP, RTP and RTCP, SRTP and SRTCP Secure RTP, DNS client, STUN/TURN/ICE stack, BFCP, HTTP stack with client/server, Websockets, Jitter buffer, async I/O poll, epoll, select, kqueue,...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/05/18 1:24 a.m.31 views

[SECURITY] Fedora 42 Update: coturn-4.11.0-1.fc42

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gatew ay. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/05/18 12:59 a.m.20 views

[SECURITY] Fedora 43 Update: coturn-4.11.0-1.fc43

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gatew ay. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/05/18 12:45 a.m.24 views

[SECURITY] Fedora 44 Update: coturn-4.11.0-1.fc44

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gatew ay. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying...

5.8AI score
Exploits0
Rows per page
Query Builder