29 matches found
CVE-2026-40614
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...
CVE-2026-40614 PJSIP: Heap buffer overflow in Opus codec decoding
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...
CVE-2026-40614 PJSIP: Heap buffer overflow in Opus codec decoding
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...
PJSIP 安全漏洞
PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Versions of PJSIP 2.16 and earlier contained security vulnerabilities, which stemmed from insufficient buffer...
CVE-2026-29068 PJSIP: Stack buffer overflow in Opus codec parser
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload contain more frames than the caller-provided frames can hold. This issue has been patched in version 2.17...
CVE-2026-29068 PJSIP: Stack buffer overflow in Opus codec parser
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload contain more frames than the caller-provided frames can hold. This issue has been patched in version 2.17...
CVE-2025-65102
PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime, while the input frame length, which is based on stream ptime, may be less than that. This issue affects PJSIP users who use the Opus audio...
DEBIAN-CVE-2025-65102
PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime, while the input frame length, which is based on stream ptime, may be less than that. This issue affects PJSIP users who use the Opus audio...
ALPINE-CVE-2025-65102
PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime, while the input frame length, which is based on stream ptime, may be less than that. This issue affects PJSIP users who use the Opus audio...
UBUNTU-CVE-2025-65102
PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime, while the input frame length, which is based on stream ptime, may be less than that. This issue affects PJSIP users who use the Opus audio...
EUVD-2025-198513
PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime, while the input frame length, which is based on stream ptime, may be less than that. This issue affects PJSIP users who use the Opus audio...
CVE-2025-65102 PJSIP is vulnerable to buffer overflow in Opus PLC
PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime, while the input frame length, which is based on stream ptime, may be less than that. This issue affects PJSIP users who use the Opus audio...
CVE-2025-65102
PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime, while the input frame length, which is based on stream ptime, may be less than that. This issue affects PJSIP users who use the Opus audio...
CVE-2025-65102
PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime, while the input frame length, which is based on stream ptime, may be less than that. This issue affects PJSIP users who use the Opus audio...
EUVD-2016-10724
Malware in sbrugna...
The vulnerability of the Opus audio codec in browsers like Firefox, Firefox ESR, and the email client Thunderbird allows a hacker to trigger a service failure.
The vulnerability of the Opus audio codec in browsers like Firefox, Firefox ESR, and the email client Thunderbird is related to reading data from memory beyond the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
EulerOS Virtualization for ARM 64 3.0.2.0 : augeas (EulerOS-SA-2021-1042)
According to the versions of the augeas package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The Opus codec is designed for interactive speech and audio transmission over the Internet. It is designed by the IETF...
Debian DLA-793-1 : opus security update
A remote code execution vulnerability was discovered in opus, an audio codec, that could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. For Debian 7 'Wheezy', these problems have been fixed in version...
[SECURITY] Fedora 25 Update: opus-1.1.3-2.fc25
The Opus codec is designed for interactive speech and audio transmission ov er the Internet. It is designed by the IETF Codec Working Group and incorporat es technology from Skype's SILK codec and Xiph.Org's CELT codec...
Asterisk Opus Codec DoS (AST-2016-008)
According to its SIP banner, the version of Asterisk running on the remote host is 13.12.x prior to 13.13.1 or 14.x prior to 14.2.1. It is, therefore, affected by a denial of service vulnerability in the Opus codec when handling SDP offer or answer requests due to improper parsing of format...