26 matches found
CVE-2026-40614
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...
EUVD-2022-26905
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-38703
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C, and Python languages. SRTP is a higher lev...
Linux Distros Unpatched Vulnerability : CVE-2023-27585
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications...
Malicious code in paysafe-gpf-as-communication-lib-fe (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 997f87146bcd457b4e2cb94ddbcfbb3730c96dd9a2b5843fcabcbb9456cf899d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Siemens Sinteso EN and Cerberus PRO EN Fire Protection Systems Out-of-Bounds Read Vulnerability
Cerberus PRO EN is a fire protection system consisting of fire panels, detection and management stations. It is available to Siemens partners and complies with the European standard EN 54 for fire detection and alarm systems. Sinteso EN is a fire protection system consisting of fire panels,...
CVE-2023-27585
PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to...
CVE-2022-23547
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability...
CVE-2022-23537
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...
[SECURITY] Fedora 36 Update: gnutls-3.7.7-1.fc36
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, OpenPGP and...
DEBIAN-CVE-2022-31031
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use STUN in their...
CVE-2022-31031
CVE-2022-31031 affects PJSIP (pjproject) up to version 2.12.1. Root cause: a stack-based buffer overflow when using STUN (via STUN server config or pjlib-util/stun_simple). A patch exists in commit 450baca and should be included in the next release; no workaround is documented. Upgrade to a relea...
[SECURITY] [DLA 2962-1] pjproject security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2962-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA March 28, 2022 https://wiki.debian.org/LTS -...
CVE-2022-23608
CVE-2022-23608 affects PJSIP/pjproject up to version 2.11.1. In a dialog set (or forking) scenario, a hash key shared by multiple UAC dialogs can be prematurely freed when a dialog is destroyed, causing the same dialog set to be registered in the hash table multiple times with different hash keys...
CVE-2022-21722
CVE-2022-21722 affects PJPROJECT (PJMEDIA) used by PJSCI/PJSIP. In 2.11.1 and earlier, certain incoming RTP/RTCP packets can cause out-of-bounds read access due to multiple code paths; this impacts users accepting RTP/RTCP streams. A patch is available as a commit in the master branch. There are ...
CVE-2021-41141
PJSIP is a free and open source multimedia communication library written in the C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In various parts of PJSIP, when error/failure occurs, it is found that the function returns without releasing the currently...
CVE-2021-41141
PJSIP is a free and open source multimedia communication library written in the C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In various parts of PJSIP, when error/failure occurs, it is found that the function returns without releasing the currently...
PJSIP 安全漏洞
PJSIP is a free and open source multimedia communication library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. PJSIP suffers from a security vulnerability in various parts of PJSIP when error/failure occurs, it is found that the function return...
CVE-2021-43845 Prevent out-of-bounds read in PJSIP
PJSIP is a free and open source multimedia communication library. In version 2.11.1 and prior, if incoming RTCP XR message contain block, the data field is not checked against the received packet size, potentially resulting in an out-of-bound read access. This affects all users that use PJMEDIA a...
CVE-2021-32686
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback a...