CVE-2026-49475

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser...

CVE-2026-49475

FreeSWITCH (core STUN attribute parsing) is affected. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser casts to can cause an out-of-bounds read/write on the per-leg media buffer. The issue has been patched in version 1.11.0. The CVE’s...

FreeSWITCH 输入验证错误漏洞

FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and short message-based products and applications. Prior to FreeSWITCH version 1.11.0, there was a...

Fedora 42 : coturn (2026-e673311164)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e673311164 advisory. Coturn 4.10.0 Performance Add Linux-only recvmmsg client receive path for DTLS/UDP listener Skip response buffer allocation for STUN indications...

Fedora 43 : coturn (2026-1adc5f1ef8)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1adc5f1ef8 advisory. Coturn 4.10.0 Performance Add Linux-only recvmmsg client receive path for DTLS/UDP listener Skip response buffer allocation for STUN indications...

[SECURITY] Fedora 42 Update: coturn-4.9.0-1.fc42

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gatew ay. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying...

[SECURITY] Fedora 43 Update: coturn-4.9.0-1.fc43

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gatew ay. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying...

EUVD-2013-6750

Malware in sbrugna...

EUVD-2013-6287

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-37706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN,...

SUSE CVE-2013-6484

The STUN protocol implementation in libpurple in Pidgin before 2.10.8 allows remote STUN servers to cause a denial of service out-of-bounds write operation and application crash by triggering a socket read error...

SUSE CVE-2020-12420

When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR 68.10, Firefox 78, and Thunderbird 68.10.0...

PJSIP 缓冲区错误漏洞

PJSIP is a free and open source multimedia communications library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. A security vulnerability exists in PJSIP versions prior to 2.13.1 that stems from a buffer overflow that can occur when parsing...

CVE-2022-31031

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use STUN in their...

PJSIP 缓冲区错误漏洞

PJSIP is a free and open source multimedia communication library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. A security vulnerability exists in PJSIP version 2.12.1 and earlier, which can be exploited by an attacker to compromise PJSIP users...

ALPINE-CVE-2021-37706

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before...

DEBIAN-CVE-2021-37706

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before...

UBUNTU-CVE-2021-37706

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before...

DDoS attacks in Q2 2021

News overview In terms of big news, Q2 2021 was relatively calm, but not completely eventless. For example, April saw the active distribution of a new DDoS botnet called Simps — the name under which it introduced itself to owners of infected devices. The malware creators promoted their brainchild...

[SECURITY] Fedora 32 Update: coturn-4.5.1.3-1.fc32

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gat eway. It can be used as a general-purpose network traffic TURN server/gateway, to o. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relayin...