675 matches found
PT-2026-3119
Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC versions prior to 21.2R3-S10 Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC versions 21.4 through 21.4R3-S12 Juniper Networks Junos OS o...
CVE-2025-11669
Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality...
PT-2026-2020
Name of the Vulnerable Software and Affected Versions ALGO 8180 IP Audio Alerter affected versions not specified Description A flaw exists in the handling of the Alert-Info header within SIP INVITE requests. The issue stems from insufficient validation of user-supplied data length before copying ...
Multi-Regional Cloud Honeypot Dataset (MURHCAD)
This data article introduces a comprehensive, high-resolution honeynet dataset designed to support standalone analyses of global cyberattack behaviors. Collected over a continuous 72-hour window June 9 to 11, 2025 on Microsoft Azure, the dataset comprises 132,425 individual attack events captured...
(0Day) ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SIP calls. The issue results from the lack of...
CVE-2026-0710
A flaw was found in SIPp. A remote attacker could exploit this by sending specially crafted Session Initiation Protocol SIP messages during an active call. This vulnerability, a NULL pointer dereference, can cause the application to crash, leading to a denial of service. Under specific conditions...
CVE-2022-27928
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol...
CVE-2025-15251 beecue FastBee SIP Message ReqAbstractHandler.java getRootElement xml external entity reference
A vulnerability was detected in beecue FastBee up to 2.1. Impacted is the function getRootElement of the file springboot/fastbee-server/sip-server/src/main/java/com/fastbee/sip/handler/req/ReqAbstractHandler.java of the component SIP Message Handler. The manipulation results in xml external entit...
CVE-2025-15251 beecue FastBee SIP Message ReqAbstractHandler.java getRootElement xml external entity reference
A vulnerability was detected in beecue FastBee up to 2.1. Impacted is the function getRootElement of the file springboot/fastbee-server/sip-server/src/main/java/com/fastbee/sip/handler/req/ReqAbstractHandler.java of the component SIP Message Handler. The manipulation results in xml external entit...
CVE-2025-62190
Mattermost exposes a CSRF flaw in the Calls widget page affecting Mattermost server versions 11.0.x up to 11.0.4, 10.12.x up to 10.12.2, 10.11.x up to 10.11.6 and Mattermost Calls = 1.11.0 and related components (e.g., recorder) to versions with CSRF mitigations. Monitor for updates from Mattermo...
SIPGO 安全漏洞
SIPGO is a SIP library for writing fast SIP services in GO by Emia Individual Developers. A security vulnerability exists in SIPGO versions 0.3.0 up to and including 1.0.0-alpha-1, which stems from the presence of a null pointer dereference in the NewResponseFromRequest function, which may cause ...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in Google Android that stems from improper input validation, which could lead to local elevation of privilege and background activity initiation...
Kamailio 代码问题漏洞
Kamailio is an open source implementation of a SIP signaling server from Kamailio Open Source. A code issue vulnerability exists in Kamailio version 5.5, which stems from a null pointer dereference in the function yyerrorat in the file src/core/cfg.y, which could lead to a local attack...
Cisco Desk/IP/Video Phone Cross Site Scripting (cisco-sa-phone-dos-FPyjLV7A) (CVE-2025-20351)
According to its self-reported version, the remote Cisco Desk, IP, or Video Phone running SIP Software is affected by a cross site scripting vulnerability: - A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisc...
CVE-2025-20351 Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Cross-Site Scripting Vulnerability
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI. This vulnerability exists because the web ...
CVE-2025-20329
The CVE-2025-20329 entry describes a vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software. When SIP media component logging is enabled, unencrypted credentials are stored, allowing an authenticated attacker with valid administrative cr...
Cisco TelePresence Collaboration Endpoint Software 日志信息泄露漏洞
Cisco TelePresence Collaboration Endpoint Software is a suite of collaboration endpoint software from Cisco. A log information disclosure vulnerability exists in Cisco TelePresence Collaboration Endpoint Software, which stems from unencrypted credentials being stored when logging is enabled for t...
Cisco SIP Software 安全漏洞
Cisco SIP Software is a SIP protocol software system from Cisco USA. A security vulnerability exists in Cisco SIP Software that stems from a buffer overflow when processing HTTP packets, which could lead to a denial of service attack...
CVE-2025-52960
A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When memory utilization is high, and specific SIP...
EUVD-2025-33402
A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When memory utilization is high, and specific...