Lucene search
K

15 matches found

OSV
OSV
added 2026/05/07 8:16 p.m.7 views

UBUNTU-CVE-2026-42225

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via...

8.2CVSS5.7AI score0.00161EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/07 6:47 p.m.7 views

CVE-2026-42225

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via...

8.2CVSS5.7AI score0.00161EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/04/27 2:16 p.m.8 views

CVE-2026-41081

Improper Handling of TLS Client Authentication Failure Leading to Anonymous Principal Assignment in Apache Storm Versions Affected: up to 2.8.7 Description: When TLS transport is enabled in Apache Storm without requiring client certificate authentication the default configuration, the...

6.5CVSS0.00286EPSS
Exploits0References2
CVE
CVE
added 2026/03/20 3:37 a.m.8 views

CVE-2026-32941

Sliver C2 framework (git: github.com/bishopfox/sliver) is affected. Versions 1.7.3 and earlier expose a Remote OOM due to memory allocation based on an attacker-controlled 4‑byte length prefix in the mTLS and WireGuard C2 transports. The socketReadEnvelope and socketWGReadEnvelope code paths trus...

7.1CVSS5.8AI score0.00298EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.4 views

PT-2026-26148

Name of the Vulnerable Software and Affected Versions Sliver versions 1.7.3 and below Description Sliver is a command and control framework that utilizes a custom Wireguard network stack. Versions 1.7.3 and below contain a Remote Out-of-Memory OOM issue in the mTLS and WireGuard C2 transport laye...

7.1CVSS5.8AI score0.00298EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-6575

Malware in sbrugna...

9.3CVSS8.1AI score0.01506EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/06/13 5:34 p.m.5 views

CVE-2024-38823

Salt's request server is vulnerable to replay attacks when not using a TLS encrypted transport. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to...

2.7CVSS3.5AI score0.00214EPSS
Exploits0References2
Kitploit
Kitploit
added 2022/02/05 8:30 p.m.44 views

SentryPeer - A Distributed Peer To Peer List Of Bad Actor IP Addresses And Phone Numbers Collected Via A SIP Honeypot

A distributed list of bad actor IP addresses and phone numbers collected via a SIP Honeypot. Introduction This is basically a fraud detection tool. It lets bad actors try to make phone calls and saves the IP address they came from and number they tried to call. Those details are then used to bloc...

7.1AI score
Exploits0References13
OSV
OSV
added 2021/03/10 11:15 p.m.2 views

DEBIAN-CVE-2020-15260

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.10 and earlier, PJSIP transport can be reused if they have the same IP address + port + protocol. However, this is...

6.8CVSS7.7AI score0.00991EPSS
Exploits0References1
Prion
Prion
added 2017/11/27 4:29 p.m.19 views

Spoofing

When libvirtd is configured by OSP director tripleo-heat-templates to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd which is equivalent to root acces...

9.3CVSS8.4AI score0.01506EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2017/11/27 4:29 p.m.52 views

CVE-2017-15114

When libvirtd is configured by OSP director tripleo-heat-templates to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd which is equivalent to root acces...

9.3CVSS7.1AI score0.01506EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/11/27 4:0 p.m.43 views

CVE-2017-15114

When libvirtd is configured by OSP director tripleo-heat-templates to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd which is equivalent to root acces...

8.5AI score0.01506EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2017/11/15 5:23 a.m.28 views

CVE-2017-15114

When libvirtd is configured by OSP director tripleo-heat-templates to use TLS transport, it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured, this allows these services to connect to libvirtd which is equivalent to root access...

9.3CVSS3.7AI score0.01506EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.26 views

Scientific Linux Security Update : rsyslog on SL6.x i386/x86_64 (20120620)

The rsyslog packages provide an enhanced, multi-threaded syslog daemon. A numeric truncation error, leading to a heap-based buffer overflow, was found in the way the rsyslog imfile module processed text files containing long lines. An attacker could use this flaw to crash the rsyslogd daemon or,...

2.1CVSS6.3AI score0.0042EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2012/07/30 12:0 a.m.22 views

CentOS Update for rsyslog CESA-2012:0796 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

2.1CVSS5.2AI score0.0042EPSS
Exploits0References2
Rows per page
Query Builder