CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

682 matches found

Tenable Nessus•added 2026/05/08 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-42225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls ca...

8.2CVSS5.7AI score0.00021EPSS

Exploits0References3

OSV•added 2026/05/07 8:16 p.m.•4 views

DEBIAN-CVE-2026-42225

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via...

5.9CVSS5.7AI score0.00021EPSS

Exploits0References1

OSV•added 2026/05/07 8:16 p.m.•4 views

UBUNTU-CVE-2026-42225

8.2CVSS5.7AI score0.00021EPSS

Exploits0References6

UbuntuCve•added 2026/05/07 8:16 p.m.•3 views

CVE-2026-42225

8.2CVSS5.7AI score0.00021EPSS

Exploits0References5

CVE•added 2026/05/07 6:47 p.m.•11 views

CVE-2026-42225

PJSIP’s GnuTLS-enabled SIP TLS transport (sip_transport_tls) in builds prior to version 2.17 can accept connections with invalid/untrusted certificates even when verify_server/verify_client are PJ_TRUE. The vulnerability arises from certificate verification being effectively skipped for those bui...

8.2CVSS5.7AI score0.00021EPSS

Exploits0References3Affected Software1

Debian CVE•added 2026/05/07 6:47 p.m.•7 views

CVE-2026-42225

8.2CVSS5.7AI score0.00021EPSS

Exploits0

ATTACKERKB•added 2026/05/07 6:47 p.m.•5 views

CVE-2026-42225

8.2CVSS5.7AI score0.00021EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2026/05/07 6:47 p.m.•7 views

CVE-2026-42225 GnuTLS backend silently skips certificate chain verification when verify_peer is false

8.2CVSS5.7AI score0.00021EPSS

Exploits0References3

CNNVD•added 2026/05/07 12:0 a.m.•7 views

PJSIP 信任管理问题漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Prior to PJSIP version 2.17, there were vulnerabilities related to trust management. These vulnerabilities...

8.2CVSS5.8AI score0.00021EPSS

Exploits0References1

RedhatCVE•added 2026/04/28 8:35 a.m.•1 views

CVE-2026-41415

A flaw was found in PJSIP, a multimedia communication library. A remote attacker could exploit this vulnerability by sending a specially crafted Session Initiation Protocol SIP multipart message containing a malformed Content-ID URI. Insufficient length validation during parsing of this URI can...

9.1CVSS5.1AI score0.00061EPSS

Exploits0References5

Tenable Nessus•added 2026/04/27 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-41416

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an integer overflow in media stream buffer size...

9.3CVSS6AI score0.0006EPSS

Exploits0References3

Tenable Nessus•added 2026/04/27 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-41415

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an out-of-bounds read when parsing a malformed...

9.1CVSS5.9AI score0.00061EPSS

Exploits0References3

NVD•added 2026/04/24 7:17 p.m.•1 views

CVE-2026-41415

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an out-of-bounds read when parsing a malformed Content-ID URI in SIP multipart message body. Insufficient length validation can cause reads beyond the intended buffer bounds. This...

9.1CVSS0.00061EPSS

Exploits0References2

OSV•added 2026/04/24 7:17 p.m.•1 views

UBUNTU-CVE-2026-41416

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an integer overflow in media stream buffer size calculation when processing SDP with asymmetric ptime configuration. The overflow may result in an undersized buffer allocation, which can...

9.3CVSS6AI score0.0006EPSS

Exploits0References4

Cvelist•added 2026/04/24 6:40 p.m.•30 views

CVE-2026-41416 PJSIP: Asymmetric ptime integer overflow in Media Stream

9.3CVSS0.0006EPSS

Exploits0References2

CVE•added 2026/04/24 6:40 p.m.•7 views

CVE-2026-41416

PJSIP (C library) has an integer overflow in the media stream buffer size calculation when processing SDP with asymmetric ptime configuration in versions 2.16 and earlier. This may lead to an undersized buffer and memory corruption or unexpected termination. The issue is fixed in version 2.17; up...

9.3CVSS5.8AI score0.0006EPSS

Exploits0References2Affected Software1

Debian CVE•added 2026/04/24 6:40 p.m.•4 views

CVE-2026-41416

9.3CVSS5.8AI score0.0006EPSS

Exploits0

CVE•added 2026/04/24 6:38 p.m.•11 views

CVE-2026-41415

PJSIP (the C library) contains CVE-2026-41415: in 2.16 and earlier, parsing a malformed Content-ID URI in a SIP multipart message body can trigger an out-of-bounds read due to insufficient length validation. Red Hat describes a potential denial-of-service impact and notes mitigation may not meet ...

9.1CVSS5.5AI score0.00061EPSS

Exploits0References2Affected Software1

ATTACKERKB•added 2026/04/24 6:38 p.m.•2 views

CVE-2026-41415

8.8CVSS5.5AI score0.00061EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/04/24 6:38 p.m.•28 views

CVE-2026-41415 PJSIP: SIP Multipart CID URI Length Underflow

8.8CVSS0.00061EPSS

Exploits0References2

Rows per page