PUB-A-491016892

In several functions of the RTCP packet decoder, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

Enclawed: A Configurable, Sector-Neutral Hardening Framework for Single-User AI Assistant Gateways

We present enclawed, a hard-fork hardening framework built on top of the OpenClaw single-user personal artificial intelligence AI assistant gateway. enclawed targets deployments that need attestable peer trust, deny-by-default external connectivity, signed-module loading, and a tamper-evident aud...

Yokogawa Electric Corporation Vnet/IP Interface 安全漏洞

Yokogawa Electric Corporation Vnet/IP Interface is a real-time control network interface of Yokogawa Corporation. Versions of Yokogawa Electric Corporation Vnet/IP Interface prior to R1.07.00 contained a security vulnerability. This vulnerability stemmed from the handling of malicious data packet...

Linux Distros Unpatched Vulnerability : CVE-2017-14603

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before 14.6.2 and Certified Asterisk 11.x before 11.6-cert18 and 13.x before 13.13-cert6,...

PT-2024-26003 · Librtp.So · Librtp.So

Name of the Vulnerable Software and Affected Versions: librtp.so versions prior to SMR Jul-2024 Release 1 Description: The issue is related to improper input validation in parsing RTCP RR packets, which can be exploited by remote attackers to trigger a temporary denial of service. User interactio...

CVE-2023-31455

Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort...

Pexip Infinity Security Vulnerability

Pexip Infinity is a cloud collaboration platform for video conferencing from Pexip Norway. The product provides high quality and secure cloud conferencing capabilities. A security vulnerability exists in Pexip Infinity prior to version 31.2, which stems from incorrect validation of RTCP inputs,...

AMD Ryzen™ Master Security Bulletin

Bulletin ID: AMD-SB-7004 Potential Impact: Varies by CVE, see descriptions below Severity: V aries by CVE, see descriptions below Summary AMD Ryzen™ Master is a software tool that provides users access to advanced settings, such as clock and voltage settings, to control system performance in...

SUSE CVE-2018-11355

In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks...

ALPINE-CVE-2022-24786

PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI Reference Picture Selection Indication packet, but any app that directly uses pjmediartcpfbparserpsi will be affected. A patch is available in the...

CVE-2022-21722 Potential out-of-bound read during RTP/RTCP parsing in PJSIP

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, there are various cases where it is possible that certain incoming RTP/RTCP packets can potentially...

UBUNTU-CVE-2021-43804

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming RTCP BYE message contains a reason's length, this declared length is not checked against th...

Denial of Service Vulnerability in Advantech WebAccess Node (CNVD-2021-41708)

Advantech WebAccess Node is a software for monitoring PLCs and other devices from Advantech in Taiwan, China. The product can realize real-time control of equipment status by monitoring PLC and other devices. A denial of service vulnerability exists in Advantech WebAccess Node. An attacker could...

GE RSTi-EP PLC Detection

Binary data 762311.prm...

UBUNTU-CVE-2019-7314

liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash Segmentation fault or possibly have unspecified other impact...

Polymorph - A Real-Time Network Packet Manipulation Framework With Support For Almost All Existing Protocols

Polymorph is a framework written in Python 3 that allows the modification of network packets in real time, providing maximum control to the user over the contents of the packet. This framework is intended to provide an effective solution for real-time modification of network packets that implemen...

Wireshark Buffer Overflow Vulnerability (CNVD-2018-12180)

Wireshark is a network packet analyzer. Wireshark is a network packet analyzer that captures network packets and displays the most detailed network packet information possible.Wireshark uses WinPCAP as an interface to exchange data packets directly with the network card. A buffer overflow...

Real-time Network Packet Manipulation Framework: Polymorph

Polymoprh is a framework written in the Python3 programming language that allows the modification of network packets in real time, providing maximum control to the user over the contents of the packet. This framework is intended to provide an effective solution for real-time modification of netwo...

Smiths Medical Medfusion 4000 - DHCP Denial of Service Exploit

Exploit for hardware platform in category dos / poc !/usr/bin/python3 """PoC for MQX RTCS code execution via DHCP options overflow. This is just a quick hack to prove the vulnerability and was designed to run on a private network with the target device. """ import datetime import socket def main:...

DEBIAN-CVE-2017-14603

In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before 14.6.2 and Certified Asterisk 11.x before 11.6-cert18 and 13.x before 13.13-cert6, insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the "nat" and "symmetricrtp" options allow...