17 matches found
EUVD-2017-17807
Malware in sbrugna...
EUVD-2017-17808
Malware in sbrugna...
PT-2024-3514
Name of the Vulnerable Software and Affected Versions Cisco IP Phone 6800 versions affected versions not specified Cisco IP Phone 7800 versions affected versions not specified Cisco IP Phone 8800 versions affected versions not specified Cisco Video Phone 8875 versions affected versions not...
[SECURITY] Fedora 32 Update: coturn-4.5.1.3-1.fc32
The Coturn TURN Server is a VoIP media traffic NAT traversal server and gat eway. It can be used as a general-purpose network traffic TURN server/gateway, to o. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relayin...
Elemental Path's CogniToys Dino Information Disclosure Vulnerability (CNVD-2018-00676)
Elemental Path's CogniToys Dino is a smart toy from Elemental Path's in the United States that is capable of voice communication with children. Elemental Path's CogniToys Dino using firmware version 0.0.794 and earlier suffers from a security vulnerability that stems from the program's use of a...
Path traversal
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 do not provide sufficient protections against capture-replay attacks, allowing an attacker on the network to replay VoIP traffic between a Dino device and remote server to any other Dino device...
CVE-2017-8865
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 do not provide sufficient protections against capture-replay attacks, allowing an attacker on the network to replay VoIP traffic between a Dino device and remote server to any other Dino device...
CVE-2017-8866
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 share a fixed small pool of hardcoded keys, allowing a remote attacker to use a different Dino device to decrypt VoIP traffic between a child's Dino and remote server...
Hardcoded credentials
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 share a fixed small pool of hardcoded keys, allowing a remote attacker to use a different Dino device to decrypt VoIP traffic between a child's Dino and remote server...
CVE-2017-8866
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 share a fixed small pool of hardcoded keys, allowing a remote attacker to use a different Dino device to decrypt VoIP traffic between a child's Dino and remote server...
CVE-2017-8866
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 share a fixed small pool of hardcoded keys, allowing a remote attacker to use a different Dino device to decrypt VoIP traffic between a child's Dino and remote server...
CVE-2017-8865
CVE-2017-8865 affects Elemental Path’s CogniToys Dino, with firmware version 0.0.794 and earlier. The vulnerability allows an attacker on the network to replay VoIP traffic between a Dino device and a remote server to another Dino device, indicating a capture-replay flaw in the Dino’s communicati...
CVE-2017-8866
The CVE-2017-8866 entry affects Elemental Path’s CogniToys Dino with firmware
CVE-2017-8865
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 do not provide sufficient protections against capture-replay attacks, allowing an attacker on the network to replay VoIP traffic between a Dino device and remote server to any other Dino device...
Secure Voipswitch database download vulnerability
This bug used for hacking voip traffic , it can get all site information and sips. All Versions are affected . This is private exploit. You can buy it at https://0day.today...
Memory corruption
Cisco IOS before 15.31T, when media flow-around is not used, allows remote attackers to cause a denial of service media loops and stack memory corruption via VoIP traffic, aka Bug ID CSCub45809...
[Full-disclosure] DOS vulnerability on Thomson SIP phone ST 2030 using an empty packet
MADYNES Security Advisory : Remote DOS on Thomson SIP phone ST 2030 using an empty packet Date of Discovery 15 February, 2007 Vendor was notified on 1 March 2007 ID: KIPH10 Synopsis After sending an empty message the device looks functional but in fact does not respond to any event provoking a Do...