CVE-2026-0792 ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability

ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this...

ALGO 8180 IP Audio Alerter security vulnerability

ALGO 8180 IP Audio Alerter is an IP speaker developed by ALGO Corporation. The ALGO 8180 IP Audio Alerter has a security vulnerability. This vulnerability stems from the lack of data length verification when processing SIP INVITE requests using the Replaces header, which may lead to stack buffer...

EUVD-2011-2545

Malware in sbrugna...

EUVD-2007-6338

Malware in sbrugna...

EUVD-2009-3677

Malware in sbrugna...

EUVD-2009-2047

Malware in sbrugna...

Cisco IP Phone Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2007-5583)

Cisco IP Phone 7940 with firmware P0S3-08-7-00 allows remote attackers to cause a denial of service 486 Busy responses or device reboot via a sequence of SIP INVITE transactions in which the Request-URI lacks a user name, a different vulnerability than CVE-2007-4459. This plugin only works with...

SIP Invite Spoof

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SIP Invite Spoof', 'Description' = %q This module will create a fake SIP invite request making the targeted device ring and display fake caller i...

CVE-2020-28327

A respjsipsession crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This...

asterisk -- Remote crash in res_pjsip_session

The Asterisk project reports: Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This caused a gap between the creation of the dialog object, and its next use by the thread that created it. Depending upon some off nominal circumstances, and timing it...

CVE-2018-7286

An issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. respjsip allows remote authenticated users to crash Asterisk segmentation fault by sending a number of SIP INVITE messages on a TCP or TLS connection and...

CVE-2018-7286

An issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. respjsip allows remote authenticated users to crash Asterisk segmentation fault by sending a number of SIP INVITE messages on a TCP or TLS connection and...

CVE-2018-7286

An issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. respjsip allows remote authenticated users to crash Asterisk segmentation fault by sending a number of SIP INVITE messages on a TCP or TLS connection and...

CVE-2018-0086

A vulnerability in the application server of the Cisco Unified Customer Voice Portal CVP could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to malformed SIP INVITE traffic received on the CVP during...

CVE-2018-0086

A vulnerability in the application server of the Cisco Unified Customer Voice Portal CVP could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to malformed SIP INVITE traffic received on the CVP during...

CVE-2018-0086

CVE-2018-0086 affects Cisco Unified CVP (Cisco Unified Customer Voice Portal). The issue is triggered by malformed SIP INVITE traffic during CVP communications with the Cisco Virtualized Voice Browser (VVB), allowing an unauthenticated remote attacker to cause a denial of service on the affected ...

Cross site scripting

Cross-site scripting XSS vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message...

Cisco Unity Connection Multiple Remote DoS (cisco-sa-20150401-cuc)

The version of Cisco Unity Connection installed on the remote host is 8.5 prior to 8.51SU7 / 8.6 prior to 8.62aSU4 / 9.x prior to 9.12SU2 / 10.x prior to 10.01SU1. It is, therefore, affected by multiple denial of service vulnerabilities : - A denial of service vulnerability exists in the Connecti...

Cisco Unity Connection SIP Trunk Integration Tailored INVITE Message Denial of Service Vulnerability (CNVD-2015-02212)

Cisco Unity Connection is a feature-rich voice messaging platform that uses the Linux Unified Communications operating system. A security vulnerability exists in the Connection Conversation Manager CuCsMgr process of Cisco Unity Connection. It allows an unauthenticated, remote attacker to cause a...

Thomson SpeedTouch 2030 SIP Invite Message Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25446/info Thomson SpeedTouch 2030 is prone to a denial-of-service vulnerability because the device fails to handle specially crafted SIP INVITE messages. Exploiting this issue allows remote attackers to cause the device ...