CVE-2026-28799

A flaw was found in PJSIP. A remote attacker can exploit a heap use-after-free vulnerability within the event subscription framework by sending a specially crafted message during presence unsubscription. This can lead to a denial of service, making the affected system unavailable. Mitigation...

CVE-2026-21905

A Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in the SIP application layer gateway ALG of Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC allows an unauthenticated network-based attacker sending specific SIP messages over TCP to crash the flow...

CVE-2025-52960

A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When memory utilization is high, and specific...

EUVD-2007-2186

Malware in sbrugna...

EUVD-2023-31820

Malicious code in bioql PyPI...

EUVD-2021-8685

Malicious code in bioql PyPI...

CVE-2003-0761

Buffer overflow in the getmsgtext of chansip.c in the Session Initiation Protocol SIP protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain 1 MESSAGE or 2 INFO requests...

Cisco IP Phones 7800 Series and 8800 Series and Cisco Wireless IP Phone 8821 Denial of Service (CVE-2018-0325)

A vulnerability in the Session Initiation Protocol SIP call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected phone. The vulnerability is due t...

CVE-2023-44198

An Improper Check for Unusual or Exceptional Conditions vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated network-based attacker to cause an integrity impact in connected networks. If the SIP ALG is configured and a device receives a...

CVE-2023-22408

An Improper Validation of Array Index vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX 5000 Series allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. When an attacker sends an SIP packets with a malformed SDP field then the SIP ALG can not process i...

CVE-2022-22198

An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service DoS. Continued receipt of these specific packets will cause a sustained Denial of Service condition. On all MX and SRX...

Critical Bugs Reported in Popular Open Source PJSIP SIP and Media Stack

As many as five security vulnerabilities have been disclosed in the PJSIP open-source multimedia communication library that could be abused by an attacker to trigger arbitrary code execution and denial-of-service DoS in applications that use the protocol stack. The weaknesses were identified and...

UBUNTU-CVE-2022-21723

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can potentially cause...

PJSIP 缓冲区错误漏洞

PJSIP is a free and open source multimedia communications library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. A buffer error vulnerability exists in PJSIP 2.11.1 and earlier versions, where parsing incoming SIP messages containing malformed...

Stack overflow

A Stack-based Buffer Overflow vulnerability in the flow processing daemon flowd of Juniper Networks Junos OS on MX Series and SRX series allows an unauthenticated networked attacker to cause a flowd crash and thereby a Denial of Service DoS. Continued receipt of these specific packets will cause ...

PJSIP 缓冲区错误漏洞

PJSIP is a free and open source multimedia communications library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. A buffer error vulnerability exists in PJSIP 2.11.1 and earlier versions, which stems from the fact that if an incoming RTCP XR...

Critical Remote Hacking Flaws Disclosed in Linphone and MicroSIP Softphones

Multiple security vulnerabilities have been disclosed in softphone software from Linphone and MicroSIP that could be exploited by an unauthenticated remote adversary to crash the client and even extract sensitive information like password hashes by simply making a malicious call. The...

Pexip Infinity Input Validation Error Vulnerability (CNVD-2020-55175)

Pexip Infinity is a video conferencing cloud collaboration platform from Norway's pexip, a video communications software that organizations can deploy in their IT infrastructure, public or private cloud, or any hybrid combination to enable everyone to have their own personal high-quality video,...

CVE-2020-24615

Pexip Infinity before 24.1 has Improper Input Validation, leading to temporary denial of service via SIP...

Cisco 7937G All-In-One Exploiter Exploit

This exploit is an all-in-one tool that leverages vulnerabilities described in CVE-2020-16139, CVE-2020-16138, and CVE-2020-16137 against Cisco 7937G devices versions SIP-1-4-5-7 and below. Exploit Title: Cisco 7937G All-In-One Exploiter Date: 2020-08-10 Exploit Author: Cody Martin Vendor Homepag...