Lucene search

K

5 matches found

CVE
CVE
added 2021/07/23 10:15 p.m.161 views

CVE-2021-32686

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and...

5.9CVSS5.8AI score0.0038EPSS
CVE
CVE
added 2023/03/14 5:15 p.m.147 views

CVE-2023-27585

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to CVE-2022-...

7.5CVSS7.5AI score0.00394EPSS
CVE
CVE
added 2022/12/20 7:15 p.m.76 views

CVE-2022-23537

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects applic...

9.8CVSS7.8AI score0.00191EPSS
CVE
CVE
added 2017/11/17 9:29 a.m.60 views

CVE-2017-16872

An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. Parsing the numeric header fields in a SIP message (like cseq, ttl, port, etc.) all had the potential to overflow, either causing unintended values to be captured or, if the values were subsequently converted b...

9.8CVSS9.3AI score0.00865EPSS
CVE
CVE
added 2017/11/17 4:29 p.m.57 views

CVE-2017-16875

An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. The ioqueue component may issue a double key unregistration after an attacker initiates a socket connection with specific settings and sequences. Such double key unregistration will trigger an integer overflow,...

7.5CVSS7.7AI score0.00529EPSS