CVE-2025-12204

A security vulnerability has been detected in Kamailio 5.5. Impacted is the function rvedestroy of the file src/core/rvalue.c of the component Configuration File Handler. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed...

PT-2025-43866

Name of the Vulnerable Software and Affected Versions Kamailio version 5.5 Description A flaw exists in Kamailio where manipulation of the rve is constant function within the src/core/rvalue.c file can lead to a null pointer dereference. The attack requires local access. The exploit for this issu...

EUVD-2015-1721

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-28361

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kamailio before 5.4.0, as used in Sip Express Router SER in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection...

CVE-2018-14767

In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with a double "To" header and an empty "To" tag causes a segmentation fault and crash. The reason is missing input validation in the "buildresbuffromsipreq" core function. This could result in denial of service and potentially...

PT-2018-12707 · Kamailio +2 · Kamailio +2

Name of the Vulnerable Software and Affected Versions: Kamailio versions prior to 5.0.7 Kamailio versions 5.1.x prior to 5.1.4 Description: A crafted SIP message with a double "To" header and an empty "To" tag can cause a segmentation fault and crash due to missing input validation in the build r...

CVE-2013-7426

Insecure Temporary file vulnerability in /tmp/kamailiofifo in kamailio 4.0.1...

DEBIAN-CVE-2013-7426

Insecure Temporary file vulnerability in /tmp/kamailiofifo in kamailio 4.0.1...