Lucene search
K

318 matches found

EUVD
EUVD
added 2026/04/21 6:4 p.m.6 views

EUVD-2026-24229

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...

8.5CVSS6.2AI score0.00224EPSS
Exploits0References2
CVE
CVE
added 2026/04/21 6:4 p.m.21 views

CVE-2026-40614

Summary of CVE-2026-40614 (PJSIP): PJSIP (2.16 and earlier) has a heap buffer overflow in Opus decoding due to insufficient bounds checking in the codec_decode path. The FEC decode buffers (dec_frame[].buf) are allocated using a PCM-derived size, which at 8 kHz mono yields 960 bytes, but codec_pa...

8.8CVSS6.2AI score0.00224EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/21 6:4 p.m.6 views

CVE-2026-40614 PJSIP: Heap buffer overflow in Opus codec decoding

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...

8.5CVSS6.2AI score0.00224EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/04/21 6:4 p.m.3 views

CVE-2026-40614

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...

8.8CVSS5.9AI score0.00224EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.10 views

PJSIP 安全漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Versions of PJSIP 2.16 and earlier contained security vulnerabilities, which stemmed from insufficient buffer...

8.8CVSS5.9AI score0.00224EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.10 views

PT-2026-34044

Name of the Vulnerable Software and Affected Versions PJSIP versions prior to 2.17 Description A heap buffer overflow occurs when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers dec frame.buf are allocated using a...

8.5CVSS6AI score0.00224EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2026/04/14 12:0 a.m.13 views

Honeypot Protocol

Trusted monitoring, the standard defense in AI control, is vulnerable to adaptive attacks, collusion, and strategic attack selection. All of these exploit the fact that monitoring is passive: it observes model behavior but never probes whether the model would behave differently under different...

5.8AI score
Exploits0
OSV
OSV
added 2026/03/18 8:3 p.m.2 views

OPENSUSE-SU-2026:20394-1 Security update for mumble

This update for mumble fixes the following issues: Changes in mumble: - CVE-2025-71264: opus incorrect size calculations allow for an out-of-bounds array access and can lead to a client crash boo1259721 - Update to version 1.5.857: fixes for undesired ACL behavior Client bug fixes: UI, memory...

5.3CVSS5.9AI score0.00282EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/16 5:59 p.m.8 views

CVE-2025-71264

An out of bound array access flaw has been discovered in the mumble voip client. In certain situations decoding of opus encoded audio can attempt to access an array with an invalid index. This may result in a program crash. Mitigation Mitigation for this issue is either not available or the...

3.7CVSS5.6AI score0.00282EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/03/16 6:13 a.m.5 views

CVE-2025-71264

Mumble before 1.6.870 is prone to an out-of-bounds array access, which may result in denial of service client crash...

5.3CVSS5.2AI score0.00282EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/03/07 11:21 a.m.8 views

Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model

Anthropic on Friday said it discovered 22 new security vulnerabilities in the Firefox web browser as part of a security partnership with Mozilla. Of these, 14 have been classified as high, seven have been classified as moderate, and one has been rated low in severity. The issues were addressed in...

9.8CVSS5.8AI score0.00625EPSS
Exploits2
Cvelist
Cvelist
added 2026/03/06 6:36 a.m.27 views

CVE-2026-29068 PJSIP: Stack buffer overflow in Opus codec parser

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload contain more frames than the caller-provided frames can hold. This issue has been patched in version 2.17...

8.7CVSS0.00314EPSS
Exploits0References2
CVE
CVE
added 2026/03/06 6:36 a.m.22 views

CVE-2026-29068

PJSIP is affected by a stack buffer overflow in the pjmedia-codec RTP payload parser when a payload contains more frames than the caller-provided frames can hold. This impacts versions prior to 2.17. The vulnerability, with a CVSS 4.0 base score of 8.7 (Network attack vector, no user interaction,...

8.7CVSS6AI score0.00314EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/06 6:36 a.m.2 views

CVE-2026-29068 PJSIP: Stack buffer overflow in Opus codec parser

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload contain more frames than the caller-provided frames can hold. This issue has been patched in version 2.17...

8.7CVSS6AI score0.00314EPSS
Exploits0References2
OSV
OSV
added 2026/03/06 6:36 a.m.7 views

CVE-2026-29068 PJSIP: Stack buffer overflow in Opus codec parser

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload contain more frames than the caller-provided frames can hold. This issue has been patched in version 2.17...

8.7CVSS5.9AI score0.00314EPSS
Exploits0References4
Schneier on Security
Schneier on Security
added 2026/02/09 12:4 p.m.6 views

LLMs are Getting a Lot Better and Faster at Finding and Exploiting Zero-Days

This is amazing: Opus 4.6 is notably better at finding high-severity vulnerabilities than previous models and a sign of how quickly things are moving. Security teams have been automating vulnerability discovery for years, investing heavily in fuzzing infrastructure and custom harnesses to find bu...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/06 5:49 a.m.7 views

Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries

Artificial intelligence AI company Anthropic revealed that its latest large language model LLM, Claude Opus 4.6, has found more than 500 previously unknown high-severity security flaws in open-source libraries, including Ghostscript, OpenSC, and CGIF. Claude Opus 4.6, which was launched Thursday,...

6.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 7 : gstreamer1-plugins-base-1.10.4-2.0.2.el7.AXS7 (AXSA:2025-11109:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11109:02 advisory. CVE-2024-47538: fix stack-buffer overflow in vorbishandleidentificationpacket function by limiting writing beyond boundaries of position array CVEs...

9.8CVSS7.9AI score0.01272EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/25 8:56 p.m.12 views

CVE-2025-65102

PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime, while the input frame length, which is based on stream ptime, may be less than that. This issue affects PJSIP users who use the Opus audio...

8.7CVSS6.5AI score0.00273EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-65102

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime,...

8.7CVSS5.3AI score0.00273EPSS
Exploits0References2
Rows per page
Query Builder