CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2023/03/15 12:0 a.m.•4 views

PT-2023-21239 · Opensips · Opensis

Name of the Vulnerable Software and Affected Versions: OpenSIPS versions prior to 3.1.7 and 3.2.4 Description: OpenSIPS is a Session Initiation Protocol SIP server implementation. When the function append hf handles a SIP message with a malformed To header, a call to the function abort is...

7.5CVSS7.4AI score0.00971EPSS

7.5CVSS7.3AI score0.00905EPSS

OpenSIPS 输入验证错误漏洞

OpenSIPS is a GPL-licensed SIP server implementation from the individual developers of OpenSIPS. An input validation error vulnerability exists in OpenSIPS version 3.2.5 and earlier. An attacker could exploit this vulnerability to cause a system crash...

7.5CVSS7.3AI score0.00969EPSS

OpenSIPS 输入验证错误漏洞

OpenSIPS is a GPL-licensed SIP server implementation by the OpenSIPS Individual Developer. An input validation error vulnerability exists in OpenSIPS version 3.2 and earlier. An attacker could exploit this vulnerability to cause a system crash and denial of service...

7.5CVSS7.3AI score0.00905EPSS

OpenSIPS 输入验证错误漏洞

7.5CVSS7.3AI score0.00969EPSS

OpenSIPS 输入验证错误漏洞

OpenSIPS is a GPL-licensed SIP server implementation from the individual developers of OpenSIPS. An input validation error vulnerability exists in OpenSIPS version 3.2.5 and prior versions, which stems from the fact that both large Content-Length values and incorrectly formatted SIP messages can...

7.5CVSS7.3AI score0.0099EPSS

OpenSIPS 输入验证错误漏洞

OpenSIPS is a GPL-licensed SIP server implementation from the individual developers of OpenSIPS. An input validation error vulnerability exists in OpenSIPS version 3.2 and earlier, which stems from a system crash when an incorrectly formatted SDP body is received and processed by the...

7.5CVSS7.2AI score0.00767EPSS

OpenSIPS 安全漏洞

OpenSIPS is a GPL-licensed SIP server implementation from the individual developers of OpenSIPS. A security vulnerability exists in OpenSIPS versions 2.3 through 3.2, which stems from a memory leak detected via the function parsemirequest...

7.5CVSS7.3AI score0.00738EPSS

OpenSIPS 安全漏洞

OpenSIPS is a GPL-licensed SIP server implementation from the OpenSIPS Individual Developer. A security vulnerability exists in OpenSIPS versions prior to 3.1.8 and 3.2.5, which stems from a crash in OpenSIPS when a malformed SDP subject is sent multiple times to an OpenSIPS configuration using t...

Exploits0References3

CNNVD•added 2023/03/15 12:0 a.m.•2 views

OpenSIPS 输入验证错误漏洞

7.5CVSS7.3AI score0.00971EPSS

Positive Technologies•added 2023/03/15 12:0 a.m.•3 views

PT-2023-21238 · Opensips · Opensis

Name of the Vulnerable Software and Affected Versions: OpenSIPS versions prior to 3.1.7 and 3.2.4 Description: OpenSIPS is a Session Initiation Protocol SIP server implementation. Sending a malformed Via header to OpenSIPS triggers a segmentation fault when the function calc tag suffix is called....

7.5CVSS7.5AI score0.00971EPSS

7.5CVSS7.3AI score0.00971EPSS

OpenSIPS 安全漏洞

OpenSIPS is a GPL-licensed SIP server implementation by the OpenSIPS Individual Developer. A security vulnerability exists in OpenSIPS version 3.2 and earlier versions, which stems from a segmentation error triggered by sending an incorrectly formatted "Via" header in a call to the "calctagsuffix...

Positive Technologies•added 2023/03/15 12:0 a.m.•3 views

PT-2023-21236 · Opensips · Opensis

Name of the Vulnerable Software and Affected Versions: OpenSIPS versions prior to 3.1.8 and 3.2.5 Description: OpenSIPS is a Session Initiation Protocol SIP server implementation. The issue arises when a malformed SDP body is sent multiple times to an OpenSIPS configuration that uses the stream...

7.5CVSS7.5AI score0.00738EPSS

Exploits0References9

Positive Technologies•added 2023/03/15 12:0 a.m.•3 views

PT-2023-21559 · Opensips · Opensis

Name of the Vulnerable Software and Affected Versions: OpenSIPS versions prior to 3.1.9 and 3.2.6 Description: OpenSIPS is a Session Initiation Protocol SIP server implementation. If the ds is in list function is used with an invalid IP address string, OpenSIPS will attempt to print a string from...

7.5CVSS7.5AI score0.00905EPSS

Positive Technologies•added 2023/03/15 12:0 a.m.•3 views

PT-2023-21557 · Opensips · Opensis

Name of the Vulnerable Software and Affected Versions: OpenSIPS versions prior to 3.1.9 and 3.2.6 Description: OpenSIPS is a Session Initiation Protocol SIP server implementation. A malformed SIP message containing a large Content-Length value and a specially crafted Request-URI causes a...

7.5CVSS7.4AI score0.00969EPSS

Positive Technologies•added 2023/03/15 12:0 a.m.•4 views

PT-2023-21555 · Opensips · Opensis

Name of the Vulnerable Software and Affected Versions: OpenSIPS versions prior to 3.1.7 OpenSIPS versions prior to 3.2.4 Description: OpenSIPS is a Session Initiation Protocol SIP server implementation. The issue is located in msg translator.c:2628 and might lead to a server crash. This issue was...

7.5CVSS7.2AI score0.00969EPSS

Positive Technologies•added 2023/03/15 12:0 a.m.•4 views

PT-2023-21241 · Opensips · Opensis

Name of the Vulnerable Software and Affected Versions: OpenSIPS versions prior to 3.1.7 and 3.2.4 Description: OpenSIPS is a Session Initiation Protocol SIP server implementation. The issue arises when a malformed SDP body is received and processed by the delete sdp line function in the sipmsgops...

7.5CVSS7.4AI score0.0099EPSS

Exploits0References11

7.5CVSS7.3AI score0.0099EPSS

OpenSIPS 输入验证错误漏洞