Lucene search
K

513 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/12 12:40 a.m.10 views

CVE-2026-45362

Sangoma Switchvox before 8.4 places cleartext SIP authentication credentials in a backup file...

3.2CVSS5.8AI score0.00095EPSS
Exploits0References3
Veracode
Veracode
added 2026/04/30 6:14 a.m.8 views

Null Pointer Dereference

github.com/emiago/sipgo is vulnerable to a Null pointer dereference. The vulnerability is due to missing nil checks for the To header in the NewResponseFromRequest function, which allows an attacker to exploit it by sending a malformed SIP request without a To header and crash the application...

8.7CVSS7.7AI score0.00487EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/04/24 6:38 p.m.8 views

EUVD-2026-25597

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an out-of-bounds read when parsing a malformed Content-ID URI in SIP multipart message body. Insufficient length validation can cause reads beyond the intended buffer bounds. This...

8.8CVSS5.4AI score0.00308EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.8 views

PJSIP 缓冲区错误漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Versions of PJSIP 2.16 and earlier had a buffer error vulnerability, which stemmed from out-of-bounds read...

9.1CVSS6AI score0.00308EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/13 1:40 p.m.6 views

CVE-2026-31427

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntracksip: fix use of uninitialized rtpaddr in processsdp processsdp declares union nfinetaddr rtpaddr on the stack and passes it to the nfnatsip sdpsession hook after walking the SDP media descriptions. However...

5.5CVSS5.2AI score0.00115EPSS
Exploits0
NVD
NVD
added 2026/04/08 8:16 p.m.7 views

CVE-2026-39864

Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted SIP packet if a successful user...

4.9CVSS0.00301EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/08 8:16 p.m.11 views

CVE-2026-39864

Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted SIP packet if a successful user...

4.9CVSS5.8AI score0.00301EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/08 7:58 p.m.5 views

CVE-2026-39864 Kamailio Auth: Processing Vulnerability For Additional Authenticated User Identity Checks

Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted SIP packet if a successful user...

4.4CVSS6AI score0.00301EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/08 7:58 p.m.4 views

CVE-2026-39864

Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted SIP packet if a successful user...

4.9CVSS5.5AI score0.00301EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/04/07 12:54 a.m.133 views

Exploit for Classic Buffer Overflow in Pjsip

CVE-2026-25994 – PJNATH ICE Stack Buffer Overflow pjsip ≤ 2.16...

9.8CVSS7.8AI score0.01927EPSS
Exploits3
SUSE CVE
SUSE CVE
added 2026/04/03 11:27 p.m.8 views

SUSE CVE-2026-23457

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntracksip: fix Content-Length u32 truncation in siphelptcp siphelptcp parses the SIP Content-Length header with simplestrtoul, which returns unsigned long, but stores the result in unsigned int clen. On 64-bit...

5.3CVSS5.7AI score0.00375EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.8 views

PT-2026-30151

Name of the Vulnerable Software and Affected Versions The Linux kernel affected versions not specified Description A flaw exists in the sip help tcp function within the netfilter module. This function parses the SIP Content-Length header using simple strtoul, which returns an unsigned long, but...

8.6CVSS5.3AI score0.00375EPSS
Exploits0References497
OSV
OSV
added 2026/03/20 9:16 a.m.4 views

DEBIAN-CVE-2026-33069

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a cascading out-of-bounds heap read in pjsipmultipartparse. After boundary string matching, curptr is advanced past the delimiter without verifying it has not reached the buffer end. This...

7.5CVSS5.6AI score0.0026EPSS
Exploits0References1
NVD
NVD
added 2026/03/20 9:16 a.m.8 views

CVE-2026-33069

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a cascading out-of-bounds heap read in pjsipmultipartparse. After boundary string matching, curptr is advanced past the delimiter without verifying it has not reached the buffer end. This...

7.5CVSS0.0026EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/20 8:21 a.m.2 views

CVE-2026-33069

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a cascading out-of-bounds heap read in pjsipmultipartparse. After boundary string matching, curptr is advanced past the delimiter without verifying it has not reached the buffer end. This...

6.9CVSS6AI score0.0026EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/03/03 12:48 a.m.35 views

CVE-2026-0754 SIP Service Providers – Possible Impersonation of Poly Voice Device

An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate...

8.2CVSS0.00098EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/03 12:48 a.m.4 views

CVE-2026-0754 SIP Service Providers – Possible Impersonation of Poly Voice Device

An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate...

8.2CVSS5.9AI score0.00098EPSS
Exploits0References1
CVE
CVE
added 2026/03/03 12:48 a.m.24 views

CVE-2026-0754

The CVE describes a vulnerability in Poly Voice devices where an embedded test key and certificate can be extracted via reverse engineering. If a SIP service provider does not properly validate device certificates, the extracted certificate could be accepted, enabling impersonation of the Poly Vo...

8.2CVSS5.9AI score0.00098EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/03 12:48 a.m.8 views

EUVD-2026-9270

An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate...

8.2CVSS5.9AI score0.00098EPSS
Exploits0References1
Metasploit
Metasploit
added 2026/02/24 6:58 p.m.259 views

GrandStream GXP1600 proxy SIP traffic

This capture module works against Grandstream GXP1600 series VoIP devices and can reconfigure the device to use an arbitrary SIP proxy. You can first leverage the exploit/linux/http/grandstreamgxp1600unauthrce exploit module to get a root session on a target GXP1600 series device before running...

5.9AI score
Exploits0
Rows per page
Query Builder