PT-2026-2022

Name of the Vulnerable Software and Affected Versions ALGO 8180 IP Audio Alerter affected versions not specified Description The ALGO 8180 IP Audio Alerter contains a use-after-free condition in its implementation of the Session Initiation Protocol SIP. This issue could allow for remote code...

EUVD-2019-4245

Malware in sbrugna...

EUVD-2007-3307

Malware in sbrugna...

EUVD-2007-3337

Malware in sbrugna...

EUVD-2010-0610

Malware in sbrugna...

EUVD-2010-0612

Malware in sbrugna...

EUVD-2010-0635

Malware in sbrugna...

EUVD-2014-2205

Malware in sbrugna...

CVE-2025-52982

Juniper Junos OS MX Series with MS-MPC SIP ALG is affected. When two or more SIP-processing service sets run, an improper resource shutdown can cause the MS-MPC to crash and restart, enabling unauthenticated network-based DoS. Affected versions: all before 21.2R3-S9; 21.4 from 21.4R1; 22.2 before...

CVE-2025-20045

CVE-2025-20045 affects F5 BIG-IP SIP ALG profile vulnerability where a SIP ALG Passthru Mode plus SIP router ALG on a Message Routing virtual server can cause Traffic Management Microkernel (TMM) termination, leading to DoS. The issue is documented across multiple sources (NVD, Red Hat, CVE listi...

CVE-2025-20165 Cisco BroadWorks SIP Denial of Service Vulnerability

A vulnerability in the SIP processing subsystem of Cisco BroadWorks could allow an unauthenticated, remote attacker to halt the processing of incoming SIP requests, resulting in a denial of service DoS condition. This vulnerability is due to improper memory handling for certain SIP requests. An...

Cisco IP Phone Session Initiation Protocol Denial of Service (CVE-2007-4459)

Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP firmware before 8.70, allows remote attackers to cause a denial of service device reboot via 1 a certain sequence of 10 invalid SIP INVITE and OPTIONS messages; or 2 a certain invalid SIP INVITE message that contains a remote...

Cisco Unified IP Phone Software Denial of Service (CVE-2018-0332)

A vulnerability in the Session Initiation Protocol SIP ingress packet processing of Cisco Unified IP Phone software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to a lack of flow-control mechanisms in the software. An attacke...

CVE-2021-43610

Belledonne Belle-sip before 5.0.20 can crash applications such as Linphone via an invalid From header request URI without a parameter in an unauthenticated SIP message, a different issue than CVE-2021-33056...

Apple macOS Flaw Allows Kernel-Level Compromise

Apple has patched a vulnerability in macOS can allow attackers to bypass a key OS protection and install a malicious rootkit to perform arbitrary operations on a device, researchers from Microsoft have discovered. The problem—dubbed “Shrootless”–is associated with a security technology called...

CVE-2021-41158

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.7, an attacker can perform a SIP digest leak attack against FreeSWITCH and receive the...

CVE-2021-33056

Belledonne Belle-sip before 4.5.20, as used in Linphone and other products, can crash via an invalid From header in a SIP message...

CVE-2021-26906

The CVE-2021-26906 entry describes an SDP negotiation vulnerability in PJSIP within Digium Asterisk (and Certified Asterisk) up to specific older branches, allowing a remote server to potentially crash Asterisk by sending SIP responses that trigger an SDP negotiation failure. Affected products in...

CVE-2020-28327

A respjsipsession crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This...

CVE-2019-19417

The SIP module of some Huawei products have a denial of service DoS vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the...