14 matches found
CVE-2026-42185
CVE-2026-42185 - People (La Suite): Prior to version 1.25.0, an authenticated user with Administrator on a mail domain could send a crafted invitation to elevate any user to Owner, yielding full domain ownership without the target’s acceptance. This is a privilege-escalation in the invitation flo...
CVE-2025-15542
CVE-2025-15542 describes a DoS in VX800v v1.0’s SIP processing caused by improper handling of exceptional conditions. An attacker can flood the device with crafted INVITE messages, blocking all voice lines and disrupting incoming calls. The issue is documented across multiple sources (NVD/Red Hat...
TP-Link VX800v security vulnerability
The TP-Link VX800v is a VoIP gateway produced by the Chinese company TP-Link. The TP-Link VX800v 1.0 version has a security vulnerability. This vulnerability stems from improper handling of exceptional conditions during SIP processing. It could allow attackers to flood the device with specially...
PT-2026-5321
Name of the Vulnerable Software and Affected Versions VX800v version 1.0 Description A flaw exists in the handling of exceptional conditions during SIP processing. An attacker can send specially crafted INVITE messages to flood the device, leading to a denial of service by blocking all voice line...
CVE-2025-20236
Cisco Webex App is affected by a client-side vulnerability in the custom URL parser that could allow an unauthenticated attacker to convince a user to download arbitrary files, potentially executing commands with the user’s privileges. Root cause: insufficient input validation when processing mee...
DEBIAN-CVE-2024-52815
Synapse is an open-source Matrix homeserver. Synapse versions before 1.120.1 fail to properly validate invites received over federation. This vulnerability allows a malicious server to send a specially crafted invite that disrupts the invited user's /sync functionality. Synapse 1.120.1 rejects su...
Cisco Unity Connection SIP Trunk Integration Tailored INVITE Message Denial of Service Vulnerability (CNVD-2015-02193)
Cisco Unity Connection is a feature-rich voice messaging platform that uses the Linux Unified Communications operating system. A security vulnerability exists in the Connection Conversation Manager CuCsMgr process of Cisco Unity Connection. An unauthenticated, remote attacker could trigger a...
DEBIAN-CVE-2010-0685
The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the $EXTEN channel variable and wildcard pattern matches, allows context-dependent attackers to inject strings into the dialplan using metacharacters...
CVE-2007-3351
The SJPhone SIP soft phone 1.60.303c, when installed on the Dell Axim X3 running Windows Mobile 2003, allows remote attackers to cause a denial of service device hang and traffic amplification via a direct crafted INVITE transaction, which causes the phone to transmit many RTP packets...
Grandstream Budge Tone-200 IP Phone (Digest domain) DoS Exploit
No description provided by source. !/usr/bin/perl MADYNES Security Advisory http://madynes.loria.fr Title: Grandstream Budge Tone-200 denial of service vulnerability Release Date: 21/03/2007 Severity: High - Denial of Service Advisory ID:KIPH3 Hardware: Grandstream Budge Tone-200 IP Phone...
Grandstream Budge Tone-200 IP Phone (Digest domain) DoS Exploit
Exploit for hardware platform in category dos / poc =============================================================== Grandstream Budge Tone-200 IP Phone Digest domain DoS Exploit =============================================================== !/usr/bin/perl MADYNES Security Advisory...
Grandstream Budge Tone-200 IP Phone - Digest domain Denial of Service
Grandstream Budge Tone-200 IP Phone - Digest domain Denial of Service !/usr/bin/perl MADYNES Security Advisory http://madynes.loria.fr Title: Grandstream Budge Tone-200 denial of service vulnerability Release Date: 21/03/2007 Severity: High - Denial of Service Advisory ID:KIPH3 Hardware:...
Grandstream Budge Tone-200 IP Phone - Digest domain Denial of Service
!/usr/bin/perl MADYNES Security Advisory http://madynes.loria.fr Title: Grandstream Budge Tone-200 denial of service vulnerability Release Date: 21/03/2007 Severity: High - Denial of Service Advisory ID:KIPH3 Hardware: Grandstream Budge Tone-200 IP Phone...
CVE-2003-1110
The Session Initiation Protocol SIP implementation in Columbia SIP User Agent sipc 1.74 and other versions before sipc 2.0 build 2003-02-21 allows remote attackers to cause a denial of service or execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test...