CVE-2026-0754

An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate...

PT-2026-22708

An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate...

CVE-2021-0597

In notifyProfileAdded and notifyProfileRemoved of SipService.java, there is a possible way to retrieve SIP account names due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

The vulnerability of the `notifyProfileAdded` and `notifyProfileRemoved` functions in the Android operating system allows a hacker to disclose protected information.

The vulnerability of the notifyProfileAdded and notifyProfileRemoved functions in the SipService.java file of the Android operating system is related to authentication errors. Exploiting this vulnerability can allow attackers to disclose sensitive information that is protected by these functions...

CVE-2021-0597

In notifyProfileAdded and notifyProfileRemoved of SipService.java, there is a possible way to retrieve SIP account names due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

Yealink IP Phone Detection Consolidation

Consolidation of Yealink IP Phone detections. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-18566

The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration information by leveraging use with an on-premise installation with Skype for Business...

Design/Logic Flaw

The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration information by leveraging use with an on-premise installation with Skype for Business...

CVE-2018-18566

Polycom VVX 500/601 devices (firmware

Asterisk Detection

One or more Asterisk SIP services are listening on the remote host. This is an indication that Asterisk PBX is running on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid63202; scriptversion"1.7"; scriptsetattributeattribute:"pluginmodificationdate",...

Asterisk PBX NULL Pointer Dereference Overflow

Asterisk PBX is prone to a remote buffer overflow vulnerability. SPDX-FileCopyrightText: 2008 Ferdy Riphagen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Cisco Phone 7940 Remote Denial of Service Exploit

Exploit for hardware platform in category dos / poc ================================================= Cisco Phone 7940 Remote Denial of Service Exploit ================================================= !/usr/bin/perl Vulnerabily discovered using KiF Kiph Authors: Humberto J. Abdelnur Ph.D Student...