25 matches found
CVE-2025-15542
Improper handling of exceptional conditions in VX800v v1.0 in SIP processing allows an attacker to flood the device with crafted INVITE messages, blocking all voice lines and causing a denial of service on incoming calls...
CVE-2025-15542
Improper handling of exceptional conditions in VX800v v1.0 in SIP processing allows an attacker to flood the device with crafted INVITE messages, blocking all voice lines and causing a denial of service on incoming calls...
CVE-2025-15542
Improper handling of exceptional conditions in VX800v v1.0 in SIP processing allows an attacker to flood the device with crafted INVITE messages, blocking all voice lines and causing a denial of service on incoming calls...
Linux Distros Unpatched Vulnerability : CVE-2025-38514
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AFRXRPC service socket is opened and bound, but calls are preallocated, then...
CVE-2025-38514
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AFRXRPC service socket is opened and bound, but calls are preallocated, then rxrpcallocincomingcall will oops because the rxrpcbacklog struct doesn't get...
SUSE CVE-2025-38514
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AFRXRPC service socket is opened and bound, but calls are preallocated, then rxrpcallocincomingcall will oops because the rxrpcbacklog struct doesn't get...
UBUNTU-CVE-2025-38544
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix bug due to prealloc collision When userspace is using AFRXRPC to provide a server, it has to preallocate incoming calls and assign to them call IDs that will be used to thread related recvmsg and sendmsg together. The...
DEBIAN-CVE-2025-38514
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AFRXRPC service socket is opened and bound, but calls are preallocated, then rxrpcallocincomingcall will oops because the rxrpcbacklog struct doesn't get...
AZL-75087 CVE-2025-38514 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AFRXRPC service socket is opened and bound, but calls are preallocated, then rxrpcallocincomingcall will oops because the rxrpcbacklog struct doesn't get...
AZL-66386 CVE-2025-38514 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AFRXRPC service socket is opened and bound, but calls are preallocated, then rxrpcallocincomingcall will oops because the rxrpcbacklog struct doesn't get...
CVE-2025-38514
The CVE-2025-38514 issue affects the Linux kernel RxRPC: when an AF_RXRPC service socket is opened/bound and calls are preallocated, rxrpc_alloc_incoming_call() can oops because rxrpc_backlog may not be allocated until the first preallocation. The fix is to return NULL from rxrpc_alloc_incoming_c...
PT-2025-33587
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s rxrpc subsystem related to preallocation of incoming calls when using AF RXRPC for server functionality. The issue arises from a collision during...
D-Link I2eye Video Conference AutoAnswer (WDBRPC)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link i2eye Video Conference AutoAnswer WDBRPC', 'Description' = %q This module can be used to enable auto-answer mode for the D-Link i2eye vide...
CVE-2023-38537
A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected control flow with very low probability...
CVE-2023-38537
A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected control flow with very low probability...
CVE-2023-38537
A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected control flow with very low probability...
WhatsApp Competitive Conditions Issue Vulnerability
WhatsApp is a suite of mobile applications from the American company WhatsApp that use the Internet to send text messages. The application uses contact information in a smartphone to find contacts using the software to transmit text, images, etc. WhatsApp suffers from a security vulnerability tha...
UBUNTU-CVE-2022-22677
A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call...
PT-2022-11372 · Nextcloud · Nextcloud Talk Android
Name of the Vulnerable Software and Affected Versions: Nextcloud Android Talk App versions prior to 12.3.0 Description: Nextcloud talk is a self-hosting messaging service. The Nextcloud Android Talk application did not properly detect the lockscreen state when a call was incoming. If an attacker...
Code injection
An issue existed in the handling of incoming calls. The issue was addressed with additional state checks. This issue is fixed in iOS 14.2 and iPadOS 14.2. A user may answer two calls simultaneously without indication they have answered a second call...