Lucene search
K

675 matches found

Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.8 views

PT-2026-3119

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC versions prior to 21.2R3-S10 Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC versions 21.4 through 21.4R3-S12 Juniper Networks Junos OS o...

8.7CVSS6.6AI score0.00367EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/14 2:15 p.m.15 views

CVE-2025-11669

Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality...

8.1CVSS7AI score0.00723EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.9 views

PT-2026-2020

Name of the Vulnerable Software and Affected Versions ALGO 8180 IP Audio Alerter affected versions not specified Description A flaw exists in the handling of the Alert-Info header within SIP INVITE requests. The issue stems from insufficient validation of user-supplied data length before copying ...

8.1CVSS8.3AI score0.00631EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/01/09 12:0 a.m.13 views

Multi-Regional Cloud Honeypot Dataset (MURHCAD)

This data article introduces a comprehensive, high-resolution honeynet dataset designed to support standalone analyses of global cyberattack behaviors. Collected over a continuous 72-hour window June 9 to 11, 2025 on Microsoft Azure, the dataset comprises 132,425 individual attack events captured...

6.9AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2026/01/09 12:0 a.m.6 views

(0Day) ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SIP calls. The issue results from the lack of...

8.1CVSS7.6AI score0.00631EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/08 10:44 a.m.4 views

CVE-2026-0710

A flaw was found in SIPp. A remote attacker could exploit this by sending specially crafted Session Initiation Protocol SIP messages during an active call. This vulnerability, a NULL pointer dereference, can cause the application to crash, leading to a denial of service. Under specific conditions...

6.7AI score0.00219EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:48 a.m.9 views

CVE-2022-27928

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol...

7.5CVSS7AI score0.0101EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/30 2:2 p.m.5 views

CVE-2025-15251 beecue FastBee SIP Message ReqAbstractHandler.java getRootElement xml external entity reference

A vulnerability was detected in beecue FastBee up to 2.1. Impacted is the function getRootElement of the file springboot/fastbee-server/sip-server/src/main/java/com/fastbee/sip/handler/req/ReqAbstractHandler.java of the component SIP Message Handler. The manipulation results in xml external entit...

6.3CVSS6.4AI score0.00288EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/30 2:2 p.m.25 views

CVE-2025-15251 beecue FastBee SIP Message ReqAbstractHandler.java getRootElement xml external entity reference

A vulnerability was detected in beecue FastBee up to 2.1. Impacted is the function getRootElement of the file springboot/fastbee-server/sip-server/src/main/java/com/fastbee/sip/handler/req/ReqAbstractHandler.java of the component SIP Message Handler. The manipulation results in xml external entit...

6.3CVSS0.00288EPSS
Exploits0References4
CVE
CVE
added 2025/12/17 12:7 p.m.14 views

CVE-2025-62190

Mattermost exposes a CSRF flaw in the Calls widget page affecting Mattermost server versions 11.0.x up to 11.0.4, 10.12.x up to 10.12.2, 10.11.x up to 10.11.6 and Mattermost Calls = 1.11.0 and related components (e.g., recorder) to versions with CSRF mitigations. Monitor for updates from Mattermo...

4.3CVSS6.3AI score0.001EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.4 views

SIPGO 安全漏洞

SIPGO is a SIP library for writing fast SIP services in GO by Emia Individual Developers. A security vulnerability exists in SIPGO versions 0.3.0 up to and including 1.0.0-alpha-1, which stems from the presence of a null pointer dereference in the NewResponseFromRequest function, which may cause ...

8.7CVSS6.4AI score0.00487EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/12/08 12:0 a.m.5 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in Google Android that stems from improper input validation, which could lead to local elevation of privilege and background activity initiation...

6.7CVSS6.2AI score0.00093EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.5 views

Kamailio 代码问题漏洞

Kamailio is an open source implementation of a SIP signaling server from Kamailio Open Source. A code issue vulnerability exists in Kamailio version 5.5, which stems from a null pointer dereference in the function yyerrorat in the file src/core/cfg.y, which could lead to a local attack...

5.5CVSS4.1AI score0.00211EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2025/10/24 12:0 a.m.4 views

Cisco Desk/IP/Video Phone Cross Site Scripting (cisco-sa-phone-dos-FPyjLV7A) (CVE-2025-20351)

According to its self-reported version, the remote Cisco Desk, IP, or Video Phone running SIP Software is affected by a cross site scripting vulnerability: - A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisc...

6.1CVSS5.7AI score0.00262EPSS
Exploits0References11
Cvelist
Cvelist
added 2025/10/15 4:15 p.m.7 views

CVE-2025-20351 Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Cross-Site Scripting Vulnerability

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI. This vulnerability exists because the web ...

6.1CVSS0.00262EPSS
Exploits0References1
CVE
CVE
added 2025/10/15 4:14 p.m.15 views

CVE-2025-20329

The CVE-2025-20329 entry describes a vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software. When SIP media component logging is enabled, unencrypted credentials are stored, allowing an authenticated attacker with valid administrative cr...

4.9CVSS6.1AI score0.00332EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2025/10/15 12:0 a.m.12 views

Cisco TelePresence Collaboration Endpoint Software 日志信息泄露漏洞

Cisco TelePresence Collaboration Endpoint Software is a suite of collaboration endpoint software from Cisco. A log information disclosure vulnerability exists in Cisco TelePresence Collaboration Endpoint Software, which stems from unencrypted credentials being stored when logging is enabled for t...

4.9CVSS5.9AI score0.00332EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/15 12:0 a.m.6 views

Cisco SIP Software 安全漏洞

Cisco SIP Software is a SIP protocol software system from Cisco USA. A security vulnerability exists in Cisco SIP Software that stems from a buffer overflow when processing HTTP packets, which could lead to a denial of service attack...

7.5CVSS6.8AI score0.00446EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/10/10 4:20 p.m.8 views

CVE-2025-52960

A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When memory utilization is high, and specific SIP...

8.2CVSS6.8AI score0.00309EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/09 6:30 p.m.5 views

EUVD-2025-33402

A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When memory utilization is high, and specific...

8.2CVSS6.4AI score0.00309EPSS
Exploits0References2
Rows per page
Query Builder