Lucene search
K

2236 matches found

CVE
CVE
added 2026/04/24 2:45 p.m.17 views

CVE-2026-31651

In CVE-2026-31651, the Linux kernel mmc: vub300 driver is affected by a NULL-deref/use-after-free on disconnect. The root cause is dropping the driver data reference without deregistering the controller, which can lead to NULL-pointer dereferences and a potential system crash (DoS) on local acces...

5.5CVSS5.3AI score0.00111EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/04/24 2:45 p.m.38 views

CVE-2026-31651 mmc: vub300: fix NULL-deref on disconnect

In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix NULL-deref on disconnect Make sure to deregister the controller before dropping the reference to the driver data on disconnect to avoid NULL-pointer dereferences or use-after-free...

0.00111EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.8 views

PT-2026-35059

Name of the Vulnerable Software and Affected Versions PJSIP versions prior to 2.17 Description An integer overflow occurs in the media stream buffer size calculation when processing Session Description Protocol SDP with asymmetric ptime configuration. This overflow can lead to an undersized buffe...

9.3CVSS5.7AI score0.00279EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-40614

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames d...

8.8CVSS5.9AI score0.00224EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/04/21 9:16 p.m.7 views

CVE-2026-40892

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsipauthcreatedigest2 in PJSIP when using pre-computed digest credentials PJSIPCREDDATADIGEST. The function copies credential data using credinfo-data.slen as the...

9.8CVSS6AI score0.00419EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/04/21 7:16 p.m.8 views

CVE-2026-40614

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...

8.8CVSS6.1AI score0.00224EPSS
Exploits0References3
OSV
OSV
added 2026/04/21 7:16 p.m.5 views

UBUNTU-CVE-2026-40614

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...

8.8CVSS6.1AI score0.00224EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.3 views

PT-2026-32370

Name of the Vulnerable Software and Affected Versions FFmpeg version 8.0.1 Description A heap buffer overflow in the av bprint finalize function allows attackers to cause a Denial of Service DoS via a crafted input. A heap buffer overflow occurs when a program writes more data to a heap-allocated...

7.5CVSS6AI score0.00452EPSS
Exploits1References14
RedHat Linux
RedHat Linux
added 2026/04/07 9:43 p.m.7 views

Important: Red Hat Security Advisory: nginx:1.24 security update

An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS7.6AI score0.21621EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.5 views

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-8112-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8112-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

8.8CVSS6.8AI score0.0084EPSS
Exploits1References10
OSV
OSV
added 2026/03/20 9:17 p.m.9 views

DEBIAN-CVE-2026-33144

GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow write vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gfxmlparsebitsequencebs function in utils/xmlbincustom.c when processing a crafted NHML file containing malicious...

7.8CVSS5.7AI score0.00165EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2026/03/20 9:17 p.m.5 views

CVE-2026-33144

GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow write vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gfxmlparsebitsequencebs function in utils/xmlbincustom.c when processing a crafted NHML file containing malicious...

7.8CVSS6AI score0.00165EPSS
Exploits1References3
OSV
OSV
added 2026/03/20 9:17 p.m.11 views

UBUNTU-CVE-2026-33144

GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow write vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gfxmlparsebitsequencebs function in utils/xmlbincustom.c when processing a crafted NHML file containing malicious...

7.8CVSS6AI score0.00165EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/20 8:7 p.m.3 views

CVE-2026-33144 GPAC MP4Box Heap Buffer Overflow Write in gf_xml_parse_bit_sequence_bs (NHML BS Parsing)

GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow write vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gfxmlparsebitsequencebs function in utils/xmlbincustom.c when processing a crafted NHML file containing malicious...

5.8CVSS6AI score0.00165EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/20 8:21 a.m.4 views

EUVD-2026-13632

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a cascading out-of-bounds heap read in pjsipmultipartparse. After boundary string matching, curptr is advanced past the delimiter without verifying it has not reached the buffer end. This...

6.9CVSS6AI score0.0026EPSS
Exploits0References2
OSV
OSV
added 2026/03/20 4:16 a.m.7 views

ALPINE-CVE-2026-32942

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between session destruction and the callbacks. This issue has been fixed in version 2.17...

8.1CVSS5.3AI score0.00319EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/20 4:16 a.m.3 views

CVE-2026-32942

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between session destruction and the callbacks. This issue has been fixed in version 2.17...

9.3CVSS5.8AI score0.00319EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/20 3:54 a.m.2 views

CVE-2026-32945

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...

8.4CVSS5.8AI score0.00308EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.7 views

PJSIP 缓冲区错误漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Versions of PJSIP 2.16 and earlier had a buffer error vulnerability. This vulnerability stemmed from an...

7.5CVSS6AI score0.0026EPSS
Exploits0References3
CVE
CVE
added 2026/03/16 7:9 a.m.8 views

CVE-2025-12736

CVE-2025-12736 affects the OpenHarmony platform, specifically the multimedia_audio_standard component in v5.0.3 and earlier. The root cause is the use of an uninitialized resource, which can enable a local attacker to obtain a case-sensitive leak of sensitive information. The provided metrics ind...

6.5CVSS5.8AI score0.00167EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder