Lucene search
+L

697 matches found

Vulnrichment
Vulnrichment
added 2026/03/20 3:54 a.m.3 views

CVE-2026-32945 PJSIP is vulnerable to Heap-based Buffer Overflow through DNS parser

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...

8.4CVSS5.8AI score0.00308EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/20 3:54 a.m.4 views

EUVD-2026-13519

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...

8.4CVSS5.8AI score0.00308EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2026/03/20 3:54 a.m.6 views

CVE-2026-32945

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...

9.8CVSS5.5AI score0.00308EPSS
Exploits1
Debian CVE
Debian CVE
added 2026/03/20 3:54 a.m.7 views

CVE-2026-32945

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...

9.8CVSS5.4AI score0.00308EPSS
Exploits1
OSV
OSV
added 2026/03/20 3:54 a.m.4 views

CVE-2026-32945 PJSIP is vulnerable to Heap-based Buffer Overflow through DNS parser

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...

8.4CVSS5.9AI score0.00308EPSS
Exploits1References4
CVE
CVE
added 2026/03/20 3:43 a.m.16 views

CVE-2026-32942

PJSIP (C library) contains a heap use-after-free in the ICE session for versions 2.16 and earlier, caused by race conditions between session destruction and callbacks. This may lead to crashes; upgrading to version 2.17 fixes the issue. References confirm affected versions and fix.

9.3CVSS5.7AI score0.00319EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/20 3:43 a.m.1 views

CVE-2026-32942

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between session destruction and the callbacks. This issue has been fixed in version 2.17...

9.3CVSS5.7AI score0.00319EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/20 3:43 a.m.2 views

CVE-2026-32942 PJSIP has ICE session use-after-free race conditions

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between session destruction and the callbacks. This issue has been fixed in version 2.17...

9.3CVSS5.7AI score0.00319EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/20 3:43 a.m.25 views

CVE-2026-32942 PJSIP has ICE session use-after-free race conditions

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between session destruction and the callbacks. This issue has been fixed in version 2.17...

9.3CVSS0.00319EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/03/20 3:43 a.m.4 views

CVE-2026-32942

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between session destruction and the callbacks. This issue has been fixed in version 2.17...

9.3CVSS5.3AI score0.00319EPSS
Exploits0
OSV
OSV
added 2026/03/20 3:43 a.m.4 views

CVE-2026-32942 PJSIP has ICE session use-after-free race conditions

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between session destruction and the callbacks. This issue has been fixed in version 2.17...

9.3CVSS5.8AI score0.00319EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/03/20 3:43 a.m.4 views

CVE-2026-32942

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between session destruction and the callbacks. This issue has been fixed in version 2.17...

9.3CVSS5.3AI score0.00319EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.8 views

PJSIP 安全漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. PJSIP versions 2.16 and earlier contained a security vulnerability caused by a stack buffer overflow in the D...

9.8CVSS6.2AI score0.00308EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.4 views

PT-2026-26586

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a cascading out-of-bounds heap read in pjsip multipart parse. After boundary string matching, curptr is advanced past the delimiter without verifying it has not reached the buffer end. This...

6.9CVSS6AI score0.0026EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.7 views

PT-2026-26552

Name of the Vulnerable Software and Affected Versions PJSIP versions 2.16 and below Description PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a Heap-based Buffer Overflow in the DNS parser's name length handler. This impacts...

9.8CVSS5.8AI score0.00308EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-28799

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap use-after-free vulnerability exists in PJSIP's even...

8.7CVSS5.3AI score0.00285EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-29068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when...

8.7CVSS5.6AI score0.00314EPSS
Exploits0References2
NVD
NVD
added 2026/03/06 7:16 a.m.7 views

CVE-2026-29068

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload contain more frames than the caller-provided frames can hold. This issue has been patched in version 2.17...

8.7CVSS0.00314EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/03/06 7:16 a.m.4 views

CVE-2026-29068

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload contain more frames than the caller-provided frames can hold. This issue has been patched in version 2.17...

8.7CVSS5.9AI score0.00314EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/03/06 7:16 a.m.3 views

CVE-2026-28799

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap use-after-free vulnerability exists in PJSIP's event subscription framework evsub.c that is triggered during presence unsubscription SUBSCRIBE with Expires=0. This issue has been patched i...

8.7CVSS5.9AI score0.00285EPSS
Exploits0References3
Rows per page
Query Builder