PUB-A-491016892

In several functions of the RTCP packet decoder, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

Enclawed: A Configurable, Sector-Neutral Hardening Framework for Single-User AI Assistant Gateways

We present enclawed, a hard-fork hardening framework built on top of the OpenClaw single-user personal artificial intelligence AI assistant gateway. enclawed targets deployments that need attestable peer trust, deny-by-default external connectivity, signed-module loading, and a tamper-evident aud...

Yokogawa Electric Corporation Vnet/IP Interface 安全漏洞

Yokogawa Electric Corporation Vnet/IP Interface is a real-time control network interface of Yokogawa Corporation. Versions of Yokogawa Electric Corporation Vnet/IP Interface prior to R1.07.00 contained a security vulnerability. This vulnerability stemmed from the handling of malicious data packet...

EUVD-2016-2646

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-14603

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before 14.6.2 and Certified Asterisk 11.x before 11.6-cert18 and 13.x before 13.13-cert6,...

PT-2024-26003 · Librtp.So · Librtp.So

Name of the Vulnerable Software and Affected Versions: librtp.so versions prior to SMR Jul-2024 Release 1 Description: The issue is related to improper input validation in parsing RTCP RR packets, which can be exploited by remote attackers to trigger a temporary denial of service. User interactio...

CVE-2023-31455

Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort...

Pexip Infinity Security Vulnerability

Pexip Infinity is a cloud collaboration platform for video conferencing from Pexip Norway. The product provides high quality and secure cloud conferencing capabilities. A security vulnerability exists in Pexip Infinity prior to version 31.2, which stems from incorrect validation of RTCP inputs,...

AMD Ryzen™ Master Security Bulletin

Bulletin ID: AMD-SB-7004 Potential Impact: Varies by CVE, see descriptions below Severity: V aries by CVE, see descriptions below Summary AMD Ryzen™ Master is a software tool that provides users access to advanced settings, such as clock and voltage settings, to control system performance in...

SUSE CVE-2016-1551

ntpd in NTP 4.2.8p3 and NTPsec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 relies on the underlying operating system to protect it from requests that impersonate reference clocks. Because reference clocks are treated like other peers and stored in the same structure, any packet with a source ip...

SUSE CVE-2018-11355

In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks...

ALPINE-CVE-2022-24786

PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI Reference Picture Selection Indication packet, but any app that directly uses pjmediartcpfbparserpsi will be affected. A patch is available in the...

CVE-2022-21722 Potential out-of-bound read during RTP/RTCP parsing in PJSIP

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, there are various cases where it is possible that certain incoming RTP/RTCP packets can potentially...

UBUNTU-CVE-2021-43804

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming RTCP BYE message contains a reason's length, this declared length is not checked against th...

Denial of Service Vulnerability in Advantech WebAccess Node (CNVD-2021-41708)

Advantech WebAccess Node is a software for monitoring PLCs and other devices from Advantech in Taiwan, China. The product can realize real-time control of equipment status by monitoring PLC and other devices. A denial of service vulnerability exists in Advantech WebAccess Node. An attacker could...

GE RSTi-EP PLC Detection

Binary data 762311.prm...

UBUNTU-CVE-2019-7314

liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash Segmentation fault or possibly have unspecified other impact...

CVE-2018-19072

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/app has 0777 permissions, allowing local users to replace an archive file within that...

Polymorph - A Real-Time Network Packet Manipulation Framework With Support For Almost All Existing Protocols

Polymorph is a framework written in Python 3 that allows the modification of network packets in real time, providing maximum control to the user over the contents of the packet. This framework is intended to provide an effective solution for real-time modification of network packets that implemen...

Wireshark Buffer Overflow Vulnerability (CNVD-2018-12180)

Wireshark is a network packet analyzer. Wireshark is a network packet analyzer that captures network packets and displays the most detailed network packet information possible.Wireshark uses WinPCAP as an interface to exchange data packets directly with the network card. A buffer overflow...