CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Unspecified vulnerability in Cisco Unified Communications Manager aka CUCM, formerly CallManager 6.x before 6.15su2, 7.x before 7.15bsu3, 8.x before 8.03asu1, and 8.5 before 8.51 allows remote attackers to cause a denial of service service outage via a SIP INVITE message, aka Bug ID CSCth43256...

7.8CVSS6.9AI score0.00427EPSS

Exploits0References1

0day.today•added 2023/12/29 12:0 a.m.•487 views

FreeSWITCH 1.10.10 Denial Of Service Vulnerability

When handling DTLS-SRTP for media setup, FreeSWITCH version 1.10.10 is susceptible to denial of service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack. FreeSWITCH...

7.5CVSS5.6AI score0.00615EPSS

Exploits4

SUSE CVE•added 2023/02/15 6:0 a.m.•2 views

SUSE CVE-2010-0277

slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a...

5CVSS7.7AI score0.08804EPSS

Exploits1References6

CVE•added 2021/09/09 7:35 a.m.•49 views

CVE-2021-1933

CVE-2021-1933 is an in-device vulnerability affecting Qualcomm Snapdragon platforms (Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Wearables). The issue stems from improper validation of invite messages with SDP bodies, enabling a UE assertion under networking conditions. ...

10CVSS9.3AI score0.00251EPSS

Exploits0References1Affected Software1

myhack58•added 2017/06/19 12:0 a.m.•55 views

4G VoLTE the presence of the vulnerability can cause the phone user's location and other personal information disclosure-vulnerability warning-the black bar safety net

! In recent years, 4G VoLTE in the global field of mobile communications is increasingly popular popular, has now become the most European Region and Asian countries of the trend. And recently, the French security company P1 security by reporting a detailed list of a long string on 4G VoLTE call...

0.2AI score

Exploits0

Cvelist•added 2016/01/12 7:0 p.m.•16 views

CVE-2015-7242

Cross-site scripting XSS vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message...

6.3AI score0.00255EPSS

Exploits2References4

seebug.org•added 2014/07/01 12:0 a.m.•15 views

Ayman Akt IRCIT 0.3.1 Invite Message Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4998/info IRCIT is a terminal based IRC client for Linux and Unix systems. IRCIT contains a remote buffer overflow vulnerability. When a INVITE message is received, the supplied from user data is copied into a fixed buffe...

7.1AI score

Exploits0

NVD•added 2012/06/13 8:55 p.m.•11 views

CVE-2011-2545

Cross-site scripting XSS vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows remote attackers to inject arbitrary web script or HTML via the FROM field of an INVITE message, aka...

4.3CVSS5.7AI score0.00296EPSS

Exploits0References1

Prion•added 2012/06/13 8:55 p.m.•16 views

Cross site scripting

4.3CVSS6.2AI score0.00296EPSS

Exploits0References1Affected Software5

CVE•added 2012/06/13 8:0 p.m.•58 views

CVE-2011-2545

CVE-2011-2545 is a cross-site scripting (XSS) vulnerability in the SIP INVITE FROM field handling of Cisco SPA 8000/8800 (before 6.1.11), SPA2102 and SPA3102 (before 5.2.13), and SPA 500 series IP phones (before 7.4.9). Root cause: lack of input sanitization in the SIP INVITE FROM field. Impact: ...

4.3CVSS5.9AI score0.00296EPSS

Exploits0References1Affected Software2

Cvelist•added 2012/06/13 8:0 p.m.•17 views

CVE-2011-2545

5.7AI score0.00296EPSS

Exploits0References1

NVD•added 2012/02/08 4:11 a.m.•8 views

CVE-2012-1008

OfficeSIP Server 3.1 allows remote attackers to cause a denial of service daemon crash via a crafted To header in a SIP INVITE message...

5CVSS6.5AI score0.07729EPSS

Exploits1References4

Prion•added 2012/02/08 4:11 a.m.•8 views