EUVD-2019-2398

Malware in sbrugna...

EUVD-2023-28839

Malicious code in bioql PyPI...

CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP message...

CVE-2019-10594

Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ800...

CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP message...

Information disclosure

Information Disclosure in data Modem while parsing an FMTP line in an SDP message...

CVE-2023-24849

CVE-2023-24849 affects Qualcomm closed‑source Data Modem; the issue is Information Disclosure caused by parsing FMTP lines in SDP messages. Root cause: a flaw in the FMTP parsing logic in the Data Modem leading to confidentiality impact (CVE exhibits High impact, with network attack vector and no...

CVE-2023-24849 Buffer Over-read in Data Modem

Information Disclosure in data Modem while parsing an FMTP line in an SDP message...

PT-2023-19823 · Unknown · Data Modem

Name of the Vulnerable Software and Affected Versions: data Modem affected versions not specified Description: The issue is related to Information Disclosure in the data Modem while parsing an FMTP line in an SDP message. Recommendations: At the moment, there is no information about a newer versi...

Qualcomm Chip Security Breach

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are often manufactured on the surface of semiconductor wafers. The Qualcomm chip suffers from a security vulnerability that stems from...

SAMSUNG Mobile Chipset 缓冲区错误漏洞

SAMSUNG Mobile Chipset is a series of chips from the South Korean company Samsung SAMSUNG. A security vulnerability exists in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos Auto T5124, which stems from an improper parameter length check wh...

CVE-2023-26496

CVE-2023-26496 affects Samsung Baseband Modem Chipset (Exynos 5123, 5300, 980, 1080, Auto T5124). The issue is memory corruption caused by improper checking of the parameter length when parsing the fmtp attribute in the SDP module. Public sources (NVD/Red Hat/CNNVD) consistently describe memory c...

Stack overflow

Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ800...

CVE-2019-10594

CVE-2019-10594 is a stack overflow vulnerability in Snapdragon media SDP handling when FMTP in an M-line carries multiple payload types. Affected are Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables across numerous SoC families (APQ, MDM, MSM variants)...

Asterisk chan_pjsip 15.2.0 - SDP fmtp Denial of Service

Asterisk chanpjsip 15.2.0 - SDP fmtp Denial of Service ''' Segmentation fault occurs in asterisk with an invalid SDP fmtp attribute - Authors: - Alfred Farrugia - Sandro Gauci - Latest vulnerable version: Asterisk 15.2.0 running chanpjsip - References: AST-2018-003 - Enable Security Advisory: -...

Asterisk 15.2.0 chan_pjsip SDP fmtp Denial Of Service Exploit

Asterisk version 15.2.0 running chanpjsip suffers from an SDP message related denial of service vulnerability. Segmentation fault occurs in asterisk with an invalid SDP fmtp attribute - Authors: - Alfred Farrugia - Sandro Gauci - Latest vulnerable version: Asterisk 15.2.0 running chanpjsip -...

Asterisk chan_pjsip 15.2.0 - 'SDP fmtp' Denial of Service

''' Segmentation fault occurs in asterisk with an invalid SDP fmtp attribute - Authors: - Alfred Farrugia - Sandro Gauci - Latest vulnerable version: Asterisk 15.2.0 running chanpjsip - References: AST-2018-003 - Enable Security Advisory: - Vendor Advisory: - Timeline: - Issue reported to vendor:...

Asterisk 15.2.0 chan_pjsip SDP fmtp Denial Of Service

Segmentation fault occurs in asterisk with an invalid SDP fmtp attribute - Authors: - Alfred Farrugia - Sandro Gauci - Latest vulnerable version: Asterisk 15.2.0 running chanpjsip - References: AST-2018-003 - Enable Security Advisory: - Vendor Advisory: - Timeline: - Issue reported to vendor:...

FreeBSD : asterisk and pjsip -- multiple vulnerabilities (f9f5c5a2-17b5-11e8-90b8-001999f8d30b)

The Asterisk project reports : AST-2018-002 - By crafting an SDP message with an invalid media format description Asterisk crashes when using the pjsip channel driver because pjproject's sdp parsing algorithm fails to catch the invalid media format description. AST-2018-003 - By crafting an SDP...