Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pjsip pjsip vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-46837
res_pjsip_t38 in Sangoma Asterisk 16.x prior to 16.16.2, 17.x prior to 17.9.3, and 18.x prior to 18.2.2, and Certified Asterisk prior to 16.8-cert7, allows an malicious user to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by...
Asterisk Certified Asterisk 16.8.0
Digium Asterisk
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.5
CVSSv3
CVE-2021-31878
An issue exists in PJSIP in Asterisk prior to 16.19.1 and prior to 18.5.1. To exploit, a re-INVITE without SDP must be received after Asterisk has sent a BYE request.
Digium Asterisk 16.17.0
Digium Asterisk 16.18.0
Digium Asterisk 16.19.0
Digium Asterisk 18.3.0
Digium Asterisk 18.4.0
Digium Asterisk 18.5.0
6.5
CVSSv3
CVE-2021-21375
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP version 2.10 and previous versions, after an initial INVITE has been sent, when two 183 responses are ...
Teluu Pjsip
Debian Debian Linux 9.0
5.9
CVSSv3
CVE-2021-32686
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition b...
Teluu Pjsip
Debian Debian Linux 9.0
Debian Debian Linux 11.0
5.9
CVSSv3
CVE-2021-26906
An issue exists in res_pjsip_session.c in Digium Asterisk up to and including 13.38.1; 14.x, 15.x, and 16.x up to and including 16.16.0; 17.x up to and including 17.9.1; and 18.x up to and including 18.2.0, and Certified Asterisk up to and including 16.8-cert5. An SDP negotiation...
Digium Asterisk
Digium Certified Asterisk 16.8
5.9
CVSSv3
CVE-2017-16672
An issue exists in Asterisk Open Source 13 prior to 13.18.1, 14 prior to 14.7.1, and 15 prior to 15.1.1 and Certified Asterisk 13.13 prior to 13.13-cert7. A memory leak occurs when an Asterisk pjsip session object is created and that call gets rejected before the session itself i...
Digium Asterisk
Digium Certified Asterisk 13.13.0
4.9
CVSSv3
CVE-2022-29330
Missing access control in the backup system of Telesoft VitalPBX prior to 3.2.1 allows malicious users to access the PJSIP and SIP extension credentials, cryptographic keys and voicemails files via unspecified vectors.
Vitalpbx Vitalpbx
NA
CVE-2024-35190
Asterisk is an open source private branch exchange and telephony toolkit. After upgrade to 18.23.0, ALL unauthorized SIP requests are identified as PJSIP Endpoint of local asterisk server. This vulnerability is fixed in 18.23.1, 20.8.1, and 21.3.1.
NA
CVE-2015-1558
Asterisk Open Source 12.x prior to 12.8.1 and 13.x prior to 13.1.1, when using the PJSIP channel driver, does not properly reclaim RTP ports, which allows remote authenticated users to cause a denial of service (file descriptor consumption) via an SDP offer containing only incomp...
Digium Asterisk 12.0.0
Digium Asterisk 12.2.0
Digium Asterisk 12.4.0
Digium Asterisk 12.5.0
Digium Asterisk 12.8.0
Digium Asterisk 13.2.0
Digium Asterisk 12.1.0
Digium Asterisk 12.3.0
Digium Asterisk 12.6.0
Digium Asterisk 12.7.0
Digium Asterisk 13.0.0
Digium Asterisk 13.1.0
Digium Asterisk 12.1.1
Digium Asterisk 12.3.1
Digium Asterisk 12.3.2
Digium Asterisk 12.8.1
NA
CVE-2014-8416
Use-after-free vulnerability in the PJSIP channel driver in Asterisk Open Source 12.x prior to 12.7.1 and 13.x prior to 13.0.1, when using the res_pjsip_refer module, allows remote malicious users to cause a denial of service (crash) via an in-dialog INVITE with Replaces message,...
Digium Asterisk
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »