Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pjsip pjsip vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2021-43845
PJSIP is a free and open source multimedia communication library. In version 2.11.1 and prior, if incoming RTCP XR message contain block, the data field is not checked against the received packet size, potentially resulting in an out-of-bound read access. This affects all users t...
Teluu Pjsip
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
445
VMScore
CVE-2022-26498
An issue exists in Asterisk up to and including 19.x. When using STIR/SHAKEN, it is possible to download files that are not certificates. These files could be much larger than what one would expect to download, leading to Resource Exhaustion. This is fixed in 16.25.2, 18.11.2, an...
Digium Asterisk
Debian Debian Linux 10.0
Debian Debian Linux 11.0
445
VMScore
CVE-2022-24763
PJSIP is a free and open source multimedia communication library written in the C language. Versions 2.12 and prior contain a denial-of-service vulnerability that affects PJSIP users that consume PJSIP's XML parsing in their apps. Users are advised to update. There are no kn...
Pjsip Pjsip
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
445
VMScore
CVE-2022-24764
PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the API `pjmedia_sdp_print(), pjmedia_sdp_media_print()`. Applications that do not use...
Teluu Pjsip
Debian Debian Linux 9.0
Debian Debian Linux 10.0
445
VMScore
CVE-2021-32558
An issue exists in Sangoma Asterisk 13.x prior to 13.38.3, 16.x prior to 16.19.1, 17.x prior to 17.9.4, and 18.x prior to 18.5.1, and Certified Asterisk prior to 16.8-cert10. If the IAX2 channel driver receives a packet that contains an unsupported media format, a crash can occur...
Digium Certified Asterisk 16.8
Digium Asterisk
Debian Debian Linux 9.0
Debian Debian Linux 11.0
445
VMScore
CVE-2018-1000099
Teluu PJSIP version 2.7.1 and previous versions contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fix...
Teluu Pjsip
Debian Debian Linux 9.0
445
VMScore
CVE-2018-1000098
Teluu PJSIP version 2.7.1 and previous versions contains a Integer Overflow vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2.
Teluu Pjsip
Debian Debian Linux 9.0
445
VMScore
CVE-2017-17850
An issue exists in Asterisk 13.18.4 and older, 14.7.4 and older, 15.1.4 and older, and 13.18-cert1 and older. A select set of SIP messages create a dialog in Asterisk. Those SIP messages must contain a contact header. For those messages, if the header was not present and the PJSI...
Digium Asterisk
Digium Certified Asterisk 13.1.0
Digium Certified Asterisk 13.8
445
VMScore
CVE-2017-16875
An issue exists in Teluu pjproject (pjlib and pjlib-util) in PJSIP prior to 2.7.1. The ioqueue component may issue a double key unregistration after an attacker initiates a socket connection with specific settings and sequences. Such double key unregistration will trigger an inte...
Teluu Pjsip
445
VMScore
CVE-2017-14098
In the pjsip channel driver (res_pjsip) in Asterisk 13.x prior to 13.17.1 and 14.x prior to 14.6.1, a carefully crafted tel URI in a From, To, or Contact header could cause Asterisk to crash.
Digium Asterisk 13.1.0
Digium Asterisk 13.2.1
Digium Asterisk 13.8.0
Digium Asterisk 13.15.0
Digium Asterisk 13.7.0
Digium Asterisk 13.7.1
Digium Asterisk 13.12
Digium Asterisk 13.1.1
Digium Asterisk 13.14.0
Digium Asterisk 13.4.0
Digium Asterisk 13.17.0
Digium Asterisk 13.2.0
Digium Asterisk 13.3.2
Digium Asterisk 13.0.1
Digium Asterisk 13.10.0
Digium Asterisk 13.6.0
Digium Asterisk 13.0.0
Digium Asterisk 13.11.1
Digium Asterisk 13.13.1
Digium Asterisk 13.11.0
Digium Asterisk 13.9.0
Digium Asterisk 13.12.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »