417 matches found
CVE-2025-8756
A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the function preHandle of the file /manage/ of the component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor. The manipulation leads to improper...
CVE-2025-8756
A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the function preHandle of the file /manage/ of the component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor. The manipulation leads to improper...
CVE-2025-8756 TDuckCloud tduck-platform manage preHandle improper authorization
A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the function preHandle of the file /manage/ of the component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor. The manipulation leads to improper...
CVE-2025-8756
TDuckCloud TDuck-Platform (versions up to 5.1) contains a vulnerability in the preHandle function of the AuthorizationInterceptor at /manage/ (component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor) that enables improper authorization. A remote attack is possible, and the exploit ...
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass in the preHandle function of the AuthorizationInterceptor.java component. An attacker can gain unauthorized access to restricted resources by manipulating the Request argument remotely. Remediation A fix was pushed...
Dromara Northstar 安全漏洞
Dromara Northstar is an AI quantitative trading platform open-sourced by Dromara China. A security vulnerability exists in Dromara Northstar version 7.3.5 and earlier, which stems from improper access control due to misuse of the parameter Request in the file AuthorizationInterceptor.java...
SUSE CVE-2025-49140
Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should...
CVE-2025-49140
Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should...
GO-2025-3748 Pion Interceptor's improper RTP padding handling allows remote crash for SFU users (DoS) in github.com/pion/interceptor
Pion Interceptor's improper RTP padding handling allows remote crash for SFU users DoS in github.com/pion/interceptor...
CVE-2025-49140
Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should...
UBUNTU-CVE-2025-49140
Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should...
CVE-2025-49140 Pion Interceptor's improper RTP padding handling allows remote crash for SFU users (DoS)
Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should...
CVE-2025-49140 Pion Interceptor's improper RTP padding handling allows remote crash for SFU users (DoS)
Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should...
CVE-2025-49140
Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should...
CVE-2025-49140
Pion Interceptor (part of the RTP/RTCP framework) versions 0.1.36–0.1.38 contain a bug in the RTP packet factory that can cause a panic in Pion-based SFUs when handling crafted RTP packets. The issue is mitigated by upgrading to v0.1.39 or later, which adds a validation that padLen > 0 && padLen
CVE-2025-49140 Pion Interceptor's improper RTP padding handling allows remote crash for SFU users (DoS)
Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should...
GHSA-F26W-GH5M-QQ77 Pion Interceptor's improper RTP padding handling allows remote crash for SFU users (DoS)
Impact Pion Interceptor versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Patches Upgrade to v0.1.39 or later, which includes PR 338 which...
Pion Interceptor's improper RTP padding handling allows remote crash for SFU users (DoS)
Impact Pion Interceptor versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Patches Upgrade to v0.1.39 or later, which includes PR 338 which...
PT-2025-24565 · Pion · Pion Interceptor
Name of the Vulnerable Software and Affected Versions: Pion Interceptor versions v0.1.36 through v0.1.38 Description: Pion Interceptor is a framework for building RTP/RTCP communication software. The issue is caused by a bug in the RTP packet factory, which can be exploited by crafted RTP packets...
Pion Interceptor 安全漏洞
Pion Interceptor is a Pion open source pluggable RTP/RTCP processor for building real-time communications. A security vulnerability exists in Pion Interceptor versions v0.1.36 through v0.1.38, which stems from an RTP packet factory error that could cause the service to crash...