EUVD-2021-26334

Malware in sbrugna...

EUVD-2021-26336

Malware in sbrugna...

CVE-2021-39978

Telephony application has a SQL Injection vulnerability.Successful exploitation of this vulnerability may cause privacy and security issues...

Unspecified Vulnerability in Microsoft Windows Telephony Server (CNVD-2025-02538)

Microsoft Windows Telephony Server is a component of Microsoft Corporation USA that supports the Telephony Application Programming Interface TAPI, which allows computer programs to communicate with shared telephony services. A security vulnerability exists in Microsoft Windows Telephony Server. A...

Samsung telephony-common.jar information disclosure vulnerability

Samsung telephony-common.jar is a Telephony service for Samsung mobile devices that provides support for the Telephony Application Programming Interface TAPI. A local attacker with log access could exploit the vulnerability to obtain IMSI through device logs...

CVE-2021-39980

Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure...

CVE-2021-39978

Telephony application has a SQL Injection vulnerability.Successful exploitation of this vulnerability may cause privacy and security issues...

Information disclosure

Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure...

CVE-2021-39980

CNVD-2022-08457 describes an unspecified vulnerability in Huawei HarmonyOS where an attacker can bypass privileges to access IMSI. The Huawei HarmonyOS component and root cause are not detailed in the entry, and there is no remediation information provided. Action: monitor for updates.

CVE-2021-39980

Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure...

CVE-2021-39978

Telephony application has a SQL Injection vulnerability.Successful exploitation of this vulnerability may cause privacy and security issues...

SLICAN WebCTI Cross-Site Scripting Vulnerability

SLICAN WebCTI is a telephony application. A cross-site scripting vulnerability exists in SLICAN WebCTI version 1.01 2015, which can be exploited by an attacker to steal a user's session by injecting malicious JavaScript code, which can lead to session hijacking and result in theft of user...

Asterisk 15.x < 15.2.2 Denial of Service Vulnerability (AST-2018-006)

According to its SIP banner, the version of Asterisk running on the remote host is 15.x prior to 15.2.2. It is therefore, affected by a denial of service vulnerability as described in AST-2018-006 advisory. Note that Nessus has not tested for these issues but has instead relied only on the...

Asterisk 13.x < 13.18.1 / 14.x < 14.7.1 / 15.x < 15.1.1 / 13.13 < 13.13-cert7 Multiple Vulnerabilities (AST-2017-009 - AST-2017-011)

According to its SIP banner, the version of Asterisk running on the remote host is 13.x prior to 13.18.1, 14.x prior to 14.7.1, 15.x prior to 15.1.1, or 13.13 prior to 13.13-cert7. It is therefore, affected by multiple vulnerabilities as described in AST-2017-009, AST-2017-010, and AST-2017-011...

Asterisk SIP Channel Driver Invalid SDP Denial of Service (AST-2013-005)

According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by a denial of service vulnerability. The application does not properly handle an invalid SDP in a SIP request if such a request defines media descriptions and then defines...

Asterisk SIP SDP Buffer Overflow (AST-2013-001)

According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by a buffer overflow vulnerability related to SIP SDP headers and h264 video handling. This error could allow execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network...

Asterisk Remote Crash Vulnerability in SIP Channel Driver (AST-2012-006)

According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by a vulnerability that could allow a remote attacker to crash the server. This issue could be exploited by sending an UPDATE over a SIP channel after the channel dialog has been...

Asterisk Heap-Based Buffer Overflow in Skinny Channel Driver (AST-2012-005)

According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by a vulnerability that could allow a remote attacker to crash the server, or possibly inject arbitrary code by sending repeated KEYPADBUTTONMESSAGE events over a Skinny channel ...

Asterisk Manager User Unauthorized Shell Access (AST-2012-004)

According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by a vulnerability that could allow an authenticated, remote attacker to run arbitrary commands with the credentials of the Asterisk server. %NASLMINLEVEL 70300 C Tenable Network...

Asterisk SRTP Video Stream Negotiation Remote Crash (AST-2012-001)

According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by a vulnerability that could allow a remote attacker to crash the server. The vulnerability can be triggered by attempting to negotiate a secure video stream when it has not bee...