CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Debian CVE•added 2026/06/18 7:44 p.m.•6 views

CVE-2026-43994

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...

9.8CVSS6.1AI score0.0045EPSS

Exploits1

OSV•added 2026/06/12 12:28 p.m.•6 views

OESA-2026-2683 sofia-sip security update

Sofia SIP is a RFC-3261-compliant library for SIP user agents and other network elements. The Session Initiation Protocol SIP is an application-layer control signaling protocol for creating, modifying, and terminating sessions with one or more participants. These sessions include Internet telepho...

7.5CVSS7.1AI score0.01647EPSS

Exploits1References3

OSV•added 2026/06/12 12:28 p.m.•6 views

OESA-2026-2682 sofia-sip security update

7.5CVSS7.1AI score0.01647EPSS

Exploits1References3

RedhatCVE•added 2026/06/10 9:2 p.m.•11 views

CVE-2026-49475

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser...

NVD•added 2026/06/09 5:17 p.m.•10 views

CVE-2026-49475

7.5CVSS0.00278EPSS

Cvelist•added 2026/06/09 4:0 p.m.•32 views

CVE-2026-49475 FreeSWITCH: Out-of-bounds memory access in core STUN attribute parsing

7.5CVSS0.00278EPSS

Vulnrichment•added 2026/06/09 4:0 p.m.•10 views

CVE-2026-49475 FreeSWITCH: Out-of-bounds memory access in core STUN attribute parsing

CVE•added 2026/06/09 4:0 p.m.•18 views

CVE-2026-49475

FreeSWITCH (core STUN attribute parsing) is affected. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser casts to can cause an out-of-bounds read/write on the per-leg media buffer. The issue has been patched in version 1.11.0. The CVE’s...

Exploits0References2Affected Software1

Positive Technologies•added 2026/06/09 12:0 a.m.•15 views

PT-2026-47846

CNNVD•added 2026/06/09 12:0 a.m.•11 views

FreeSWITCH 输入验证错误漏洞

FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and short message-based products and applications. Prior to FreeSWITCH version 1.11.0, there was a...

Fedora•added 2026/06/05 4:27 a.m.•19 views

[SECURITY] Fedora 44 Update: libre-4.8.1-1.fc44

Libre is a generic library for real-time communications with async I/O support. Features are a SIP stack RFC 3261, SDP, RTP and RTCP, SRTP and SRTCP Secure RTP, DNS client, STUN/TURN/ICE stack, BFCP, HTTP stack with client/server, Websockets, Jitter buffer, async I/O poll, epoll, select, kqueue,...

Fedora•added 2026/06/05 4:10 a.m.•15 views

[SECURITY] Fedora 43 Update: libre-4.8.1-1.fc43

Fedora•added 2026/05/18 1:24 a.m.•28 views

[SECURITY] Fedora 42 Update: coturn-4.11.0-1.fc42

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gatew ay. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying...

Fedora•added 2026/05/18 12:59 a.m.•18 views

[SECURITY] Fedora 43 Update: coturn-4.11.0-1.fc43

Fedora•added 2026/05/18 12:45 a.m.•18 views

[SECURITY] Fedora 44 Update: coturn-4.11.0-1.fc44

Tenable Nessus•added 2026/05/17 12:0 a.m.•12 views

Fedora 44 : coturn (2026-3b3139882c)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3b3139882c advisory. Coturn 4.11.0 - Fix prometheus response memory leak introduced in 4.10.0 - Use constant-time compare for STUN MESSAGE-INTEGRITY HMAC - Fix format-string...

Tenable Nessus•added 2026/05/17 12:0 a.m.•11 views

Fedora 42 : coturn (2026-dfa8ea5809)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-dfa8ea5809 advisory. Coturn 4.11.0 - Fix prometheus response memory leak introduced in 4.10.0 - Use constant-time compare for STUN MESSAGE-INTEGRITY HMAC - Fix format-string...

Tenable Nessus•added 2026/05/17 12:0 a.m.•15 views

Fedora 43 : coturn (2026-f0fbd93125)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f0fbd93125 advisory. Coturn 4.11.0 - Fix prometheus response memory leak introduced in 4.10.0 - Use constant-time compare for STUN MESSAGE-INTEGRITY HMAC - Fix format-string...