rtpengine 访问控制错误漏洞

rtpengine is a media proxy software from Sipwise Open Source. An access control error vulnerability exists in rtpengine versions prior to 13.4.1.1, which stems from a source validation error in the endpoint learning logic that could lead to the injection or interception of RTP/SRTP media streams...

CVE-2025-53399

In Sipwise rtpengine before 13.4.1.1, an origin-validation error in the endpoint-learning logic of the media-relay core allows remote attackers to inject or intercept RTP/SRTP media streams via RTP packets except when the relay is configured for strict source and learning disabled. Version 13.4.1...

New Attack Lets Android Apps Capture Loudspeaker Data Without Any Permission

Earlier this month, The Hacker News covered a story on research revealing how over 1300 Android apps are collecting sensitive data even when users have explicitly denied the required permissions. The research was primarily focused on how app developers abuse multiple ways around to collect locati...

Debian Security Advisory DSA 2169-1 (telepathy-gabble)

The remote host is missing an update to telepathy-gabble announced via advisory DSA 2169-1. OpenVAS Vulnerability Test $Id: deb21691.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2169-1 telepathy-gabble Authors: Thomas Reinke Copyright: Copyright c 2011...