Lucene search
K

129 matches found

Cvelist
Cvelist
added 2023/03/23 12:0 a.m.38 views

CVE-2023-26496

An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5124. Memory corruption can occur due to improper checking of the parameter length while parsing the fmtp attribute in the SDP Session Description Protocol...

8.6CVSS9.9AI score0.24266EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/03/23 12:0 a.m.10 views

CVE-2023-26496

An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5124. Memory corruption can occur due to improper checking of the parameter length while parsing the fmtp attribute in the SDP Session Description Protocol...

8.6CVSS9.7AI score0.24266EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/03/23 12:0 a.m.6 views

SAMSUNG Mobile Chipset 缓冲区错误漏洞

SAMSUNG Mobile Chipset is a series of chips from the South Korean company Samsung SAMSUNG. A security vulnerability exists in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos Auto T5124, which stems from an improper parameter length check wh...

9.8CVSS8.3AI score0.24266EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/03/23 12:0 a.m.6 views

PT-2023-20686

Name of the Vulnerable Software and Affected Versions Samsung Baseband Modem Chipset for Exynos Modem 5123 Samsung Baseband Modem Chipset for Exynos Modem 5300 Samsung Baseband Modem Chipset for Exynos 980 Samsung Baseband Modem Chipset for Exynos 1080 Samsung Baseband Modem Chipset for Exynos Au...

9.8CVSS8.1AI score0.24266EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/03/15 12:0 a.m.6 views

OpenSIPS 输入验证错误漏洞

OpenSIPS is a GPL-licensed SIP server implementation from the individual developers of OpenSIPS. An input validation error vulnerability exists in OpenSIPS version 3.2 and earlier, which stems from a system crash when an incorrectly formatted SDP body is received and processed by the...

7.5CVSS7.3AI score0.0099EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/03/15 12:0 a.m.6 views

OpenSIPS 安全漏洞

OpenSIPS is a GPL-licensed SIP server implementation from the OpenSIPS Individual Developer. A security vulnerability exists in OpenSIPS versions prior to 3.1.8 and 3.2.5, which stems from a crash in OpenSIPS when a malformed SDP subject is sent multiple times to an OpenSIPS configuration using t...

7.5CVSS7.3AI score0.00738EPSS
Exploits0References3
NVD
NVD
added 2023/03/13 12:15 p.m.49 views

CVE-2023-24033

The Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T512 baseband modem chipsets do not properly check format types specified by the Session Description Protocol SDP module, which can lead to a denial of service...

9.8CVSS7.8AI score0.34546EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/03/13 12:0 a.m.5 views

SAMSUNG Mobile Chipset 安全漏洞

SAMSUNG Mobile Chipset is a family of chips from Samsung South Korea. A security vulnerability exists in the SAMSUNG Mobile Chipset baseband module, which results in a denial of service due to the chipset not properly checking the format type specified by the Session Description Protocol SDP modu...

9.8CVSS8.3AI score0.34546EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/03/13 12:0 a.m.12 views

CVE-2023-24033

The Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T512 baseband modem chipsets do not properly check format types specified by the Session Description Protocol SDP module, which can lead to a denial of service...

7.5CVSS9.3AI score0.34546EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:9 a.m.4 views

SUSE CVE-2008-0225

Heap-based buffer overflow in the rmffdumpcont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmffdumpheader function and related to disregarding the max field. NOTE...

6.4CVSS8.4AI score0.14969EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:9 a.m.5 views

SUSE CVE-2008-0238

Multiple heap-based buffer overflows in the rmffdumpcont function in input/libreal/rmff.c in xine-lib 1.1.9 allow remote attackers to execute arbitrary code via the SDP 1 Title, 2 Author, or 3 Copyright attribute, related to the rmffdumpheader function, different vectors than CVE-2008-0225. NOTE:...

7.5CVSS8.1AI score0.04211EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:8 a.m.4 views

SUSE CVE-2008-2374

src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field th...

9.8CVSS7.7AI score0.04287EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:38 a.m.4 views

SUSE CVE-2013-2685

Stack-based buffer overflow in res/resformatattrh264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers to execute arbitrary code via a long sprop-parameter-sets H.264 media attribute in a SIP Session Description Protocol SDP header...

7.5CVSS8.3AI score0.02621EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:39 a.m.6 views

SUSE CVE-2017-14767

The sdpparsefmtpconfigh264 function in libavformat/rtpdech264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service heap buffer overflow or possibly have unspecified other impact via a crafted sdp file...

8.8CVSS9.8AI score0.02712EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:29 a.m.5 views

SUSE CVE-2018-7285

A NULL pointer access issue was discovered in Asterisk 15.x through 15.2.1. The RTP support in Asterisk maintains its own registry of dynamic codecs and desired payload numbers. While an SDP negotiation may result in a codec using a different payload number, these desired ones are still stored...

7.5CVSS7.5AI score0.05132EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:20 a.m.5 views

SUSE CVE-2018-1000099

Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2...

7.5CVSS7.6AI score0.0354EPSS
Exploits0References3
OSV
OSV
added 2022/05/31 7:15 p.m.3 views

ALPINE-CVE-2022-31002

Sofia-SIP is an open-source Session Initiation Protocol SIP User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be caused by a URL ending with %. Version 1.13.8 contains a patch for this issue...

7.5CVSS6.9AI score0.01802EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/05/31 12:0 a.m.11 views

Sofia-SIP 缓冲区错误漏洞

Sofia-SIP is an open source SIP user agent library from the individual developers of freeswitch that conforms to the IETF RFC3261 specification. A security vulnerability exists in Sofia-SIP, which stems from an out-of-bounds write to memory accessed by an application parsing sdp messages. An...

9.8CVSS8.2AI score0.0366EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2022/05/31 12:0 a.m.7 views

PT-2022-20448

Name of the Vulnerable Software and Affected Versions Sofia-SIP versions prior to 1.13.8 Description Sofia-SIP is an open-source Session Initiation Protocol SIP User-Agent library. An attacker can send a message with malicious sdp to FreeSWITCH, which may cause a crash. This type of crash may be...

7.8CVSS7.1AI score0.02022EPSS
Exploits1References38
OSV
OSV
added 2022/03/22 5:15 p.m.4 views

UBUNTU-CVE-2022-24764

PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the API pjmediasdpprint, pjmediasdpmediaprint. Applications that do not use PJSUA2 and do not directly...

7.5CVSS7.5AI score0.02303EPSS
Exploits0References5
Rows per page
Query Builder