CVE-2026-34005

In Sofia on Xiongmai DVR/NVR AHB7008T-MH-V2 and NBD7024H-P 4.03.R11 devices, root OS command injection can occur via shell metacharacters in the HostName value via an authenticated DVRIP protocol TCP port 34567 request to the NetWork.NetCommon configuration handler, because system is used...

EUVD-2023-26859

Malicious code in bioql PyPI...

EUVD-2022-52708

Malicious code in bioql PyPI...

EUVD-2023-36559

Malicious code in bioql PyPI...

CVE-2024-3765

A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530R80X30-PQ8M. Affected by this vulnerability is an unknown functionality of the component Sofia Service. The manipulation with the input...

Sofia-SIP: Multiple Vulnerabilities

Background Sofia-SIP is an RFC3261 compliant SIP User-Agent library. Description Multiple vulnerabilities have been discovered in Sofia-SIP. Please review the CVE identifiers referenced below for details. Impact Multiple vulnerabilities have been discovered in Sofia-SIP. Please review the CVE...

GLSA-202407-10 : Sofia-SIP: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202407-10 Sofia-SIP: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Sofia-SIP. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block direct...

CVE-2024-3765

A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530R80X30-PQ8M. Affected by this vulnerability is an unknown functionality of the component Sofia Service. The manipulation with the input...

CVE-2024-3765

CVE-2024-3765 affects Xiongmai devices (AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME, XM530_R80X30-PQ_8M) in the Sofia Service. The vulnerability stems from improper access controls triggered by manipulating a specific input sequence (ff0000000000000000000...

CVE-2024-3765 Xiongmai AHB7804R-MH-V2 Sofia Service access control

A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530R80X30-PQ8M. Affected by this vulnerability is an unknown functionality of the component Sofia Service. The manipulation with the input...

CVE-2024-3765 Xiongmai AHB7804R-MH-V2 Sofia Service access control

A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530R80X30-PQ8M. Affected by this vulnerability is an unknown functionality of the component Sofia Service. The manipulation with the input...

PT-2024-27700 · Xiongmai · Xiongmai Ahb7004T-Gs-V3 +6

Name of the Vulnerable Software and Affected Versions: Xiongmai AHB7804R-MH-V2 Xiongmai AHB8004T-GL Xiongmai AHB8008T-GL Xiongmai AHB7004T-GS-V3 Xiongmai AHB7004T-MHV2 Xiongmai AHB8032F-LME Xiongmai XM530 R80X30-PQ 8M Description: A critical vulnerability was found in the Sofia Service component ...

sofia-taganrog.ru Cross Site Scripting vulnerability OBB-3906383

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

[SECURITY] Fedora 38 Update: sofia-sip-1.13.12-2.fc38

Sofia SIP is a RFC-3261-compliant library for SIP user agents and other network elements. The Session Initiation Protocol SIP is an application-layer control signaling protocol for creating, modifying, and terminating sessions with one or more participants. These sessions include Internet telepho...

Fedora: Security Advisory for sofia-sip (FEDORA-2024-b9c02df30f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 38 : sofia-sip (2024-b9c02df30f)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-b9c02df30f advisory. Security fix for CVE-2023-32307 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

The vulnerability of the Sofia-SIP user agent library (session initiation protocol) lies in its ability to write data beyond the buffer in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the Sofia-SIP user agent library session initiation protocol relates to the possibility of writing beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted STUN packets remotely...

Ubuntu: Security Advisory (USN-6448-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6448-1 sofia-sip vulnerability

Xu Biang discovered that Sofia-SIP did not properly manage memory when handling STUN packets. An attacker could use this issue to cause Sofia-SIP to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-6448-1: Sofia-SIP vulnerability

Xu Biang discovered that Sofia-SIP did not properly manage memory when handling STUN packets. An attacker could use this issue to cause Sofia-SIP to crash, resulting in a denial of service, or possibly execute arbitrary code...