Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pjsip pjsip vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2022-21723
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can potential...
Teluu Pjsip
Asterisk Certified Asterisk 16.8.0
Sangoma Asterisk
Debian Debian Linux 9.0
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2022-23608
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set (or forking) scenario, a hash key shared by multipl...
Teluu Pjsip
Asterisk Certified Asterisk 16.8.0
Asterisk Certified Asterisk
Sangoma Asterisk
Debian Debian Linux 9.0
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2021-37706
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not ch...
Teluu Pjsip
Asterisk Certified Asterisk 16.8.0
Asterisk Certified Asterisk
Sangoma Asterisk
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2021-31878
An issue exists in PJSIP in Asterisk prior to 16.19.1 and prior to 18.5.1. To exploit, a re-INVITE without SDP must be received after Asterisk has sent a BYE request.
Digium Asterisk 16.17.0
Digium Asterisk 16.18.0
Digium Asterisk 16.19.0
Digium Asterisk 18.3.0
Digium Asterisk 18.4.0
Digium Asterisk 18.5.0
5.9
CVSSv3
CVE-2021-26906
An issue exists in res_pjsip_session.c in Digium Asterisk up to and including 13.38.1; 14.x, 15.x, and 16.x up to and including 16.16.0; 17.x up to and including 17.9.1; and 18.x up to and including 18.2.0, and Certified Asterisk up to and including 16.8-cert5. An SDP negotiation...
Digium Asterisk
Digium Certified Asterisk 16.8
7.5
CVSSv3
CVE-2017-9372
PJSIP, as used in Asterisk Open Source 13.x prior to 13.15.1 and 14.x prior to 14.4.1, Certified Asterisk 13.13 prior to 13.13-cert4, and other products, allows remote malicious users to cause a denial of service (buffer overflow and application crash) via a SIP packet with a cra...
Digium Open Source 13.1.0
Digium Open Source 13.5.0
Digium Open Source 13.6.0
Digium Open Source 13.9.0
Digium Open Source 13.14.0
Digium Open Source 13.15.0
Digium Open Source 13.0.0
Digium Open Source 13.4.0
Digium Open Source 13.8.1
Digium Open Source 13.8.2
Digium Open Source 13.12.2
Digium Open Source 13.13.0
Digium Open Source 13.3.0
Digium Open Source 13.8.0
Digium Open Source 13.12.0
Digium Open Source 13.12.1
Digium Open Source 13.2.0
Digium Open Source 13.7.0
Digium Open Source 13.10.0
Digium Open Source 13.11.0
Digium Open Source 14.0.0
Digium Open Source 14.2.1
7.5
CVSSv3
CVE-2017-17850
An issue exists in Asterisk 13.18.4 and older, 14.7.4 and older, 15.1.4 and older, and 13.18-cert1 and older. A select set of SIP messages create a dialog in Asterisk. Those SIP messages must contain a contact header. For those messages, if the header was not present and the PJSI...
Digium Asterisk
Digium Certified Asterisk 13.8
Digium Certified Asterisk 13.1.0
7.5
CVSSv3
CVE-2021-32558
An issue exists in Sangoma Asterisk 13.x prior to 13.38.3, 16.x prior to 16.19.1, 17.x prior to 17.9.4, and 18.x prior to 18.5.1, and Certified Asterisk prior to 16.8-cert10. If the IAX2 channel driver receives a packet that contains an unsupported media format, a crash can occur...
Digium Asterisk
Digium Certified Asterisk 16.8
Debian Debian Linux 9.0
Debian Debian Linux 11.0
NA
CVE-2014-2288
The PJSIP channel driver in Asterisk Open Source 12.x prior to 12.1.1, when qualify_frequency "is enabled on an AOR and the remote SIP server challenges for authentication of the resulting OPTIONS request," allows remote malicious users to cause a denial of service (cra...
Digium Asterisk 12.1.0
Digium Asterisk 12.0.0
8.8
CVSSv3
CVE-2017-16671
A Buffer Overflow issue exists in Asterisk Open Source 13 prior to 13.18.1, 14 prior to 14.7.1, and 15 prior to 15.1.1 and Certified Asterisk 13.13 prior to 13.13-cert7. No size checking is done when setting the user field for Party B on a CDR. Thus, it is possible for someone to...
Digium Asterisk
Digium Certified Asterisk 13.13.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »