EUVD-2021-22602

Malware in sbrugna...

EUVD-2021-29523

Malicious code in bioql PyPI...

CVE-2021-42555

Pexip Infinity before 26.2 allows temporary remote Denial of Service abort because of missing call-setup input validation...

CVE-2021-35969

Pexip Infinity before 26 allows temporary remote Denial of Service abort because of missing call-setup input validation...

FreeSWITCH 1.10.10 Denial Of Service Vulnerability

When handling DTLS-SRTP for media setup, FreeSWITCH version 1.10.10 is susceptible to denial of service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack. FreeSWITCH...

CVE-2023-29529

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...

Race condition

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...

CVE-2023-29529 matrix-js-sdk vulnerable to invisible eavesdropping in group calls

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...

matrix-js-sdk vulnerable to invisible eavesdropping in group calls

Impact An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker will not appear to be participating in the call. This attack is possibl...

CVE-2021-42555

Pexip Infinity before 26.2 allows temporary remote Denial of Service abort because of missing call-setup input validation...

CVE-2021-35969

Pexip Infinity before 26 allows temporary remote Denial of Service abort because of missing call-setup input validation...

CVE-2020-25868

Pexip Infinity 22.x through 24.x before 24.2 has Improper Input Validation for call setup. An unauthenticated remote attacker can trigger a software abort temporary loss of service...

CVE-2020-25868

CVE-2020-25868 affects Pexip Infinity 22.x through 24.x before 24.2, with an improper input validation flaw in call setup. An unauthenticated remote attacker can trigger a software abort, causing temporary service disruption. Public references in the provided documents confirm the impact and affe...

The vulnerability in the implementation of ISDN functions in the Cisco IOS XE operating system for Cisco 4000 Series Integrated Services Routers allows a attacker to transmit IPv4 traffic through an unauthenticated ISDN connection for several seconds, from the initial setup of the ISDN connection until a failure in authentication of the PPP connection occurs.

The vulnerability of the Cisco IOS XE operating system’s ISDN function implementation for Cisco 4000 Series Integrated Services Routers is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to transmit IPv4 traffic through an unauthenticated...

Cisco Unified Communications Manager Mobile and Remote Access Security Bypass Vulnerability

Cisco Unified Communications Manager CUCM, Unified CM is a call-processing component of a unified communications system from the American company Cisco. A security vulnerability exists in CUCM's Mobile and Remote Access MRA service implementation. A remote attacker could exploit this vulnerabilit...

CVE-2015-6410

The Mobile and Remote Access MRA services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote attackers to bypass intended call-reception and call-setup restrictions by spoofing a user, aka Bug ID CSCuu97283...

CVE-2015-6410

Cisco Unified Communications Manager’s Mobile and Remote Access (MRA) services contain an identity-validation flaw that allows remote attackers to spoof a user and bypass call-reception/ call-setup restrictions. Root cause: edge-device identity validation mishandling (Bug CSCuu97283). Affected pr...

CVE-2015-6410

The Mobile and Remote Access MRA services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote attackers to bypass intended call-reception and call-setup restrictions by spoofing a user, aka Bug ID CSCuu97283...

bintec.boss.txt

Date: Wed, 10 Feb 1999 22:10:57 +0100 From: Pascal Gienger To: [email protected] Subject: Security Bug in Bintec Router Firmware CLID Vulnerability in Bintec Firmware BOSS V4.9 Release 1 and earlier Abstract: Non-interpretation of "international" or "national" incoming call setup leads to a...