Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

sandro gauci vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3
CVE-2018-8828
A Buffer Overflow issue exists in Kamailio prior to 4.4.7, 5.0.x prior to 5.0.6, and 5.1.x prior to 5.1.2. A specially crafted REGISTER message with a malformed branch or From tag triggers an off-by-one heap-based buffer overflow in the tmx_check_pretran function in modules/tmx/t...
Kamailio KamailioDebian Debian Linux 9.0Debian Debian Linux 8.0
NA
CVE-2000-1112
Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS) files, which could allow remote malicious users to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability.
Microsoft Windows Media Player 6.4Microsoft Windows Media Player 7
NA
CVE-2011-3315
Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x prior to 6.1(5)SU2, 7.x prior to 7.1(5b)SU2, and 8.x prior to 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (U...
Cisco Unified Ip Interactive Voice Response -Cisco Unified Ip Ivr 7.0\\(1\\)Cisco Unified Ip Ivr 7.0\\(2\\)Cisco Unified Ip Ivr 8.0\\(1\\)Cisco Unified Ip Ivr 8.5\\(1\\)Cisco Unified Ip Ivr 6.0\\(1\\)Cisco Unified Ip Ivr 8.0\\(2\\)Cisco Unified Communications Manager 6.1\\(3b\\)Cisco Unified Communications Manager 6.1\\(2\\)Cisco Unified Communications Manager 6.1\\(2\\)su1aCisco Unified Communications Manager 6.1\\(1b\\)Cisco Unified Communications Manager 6.0Cisco Unified Communications Manager 6.1\\(5\\)su1Cisco Unified Communications Manager 7.1\\(3a\\)su1Cisco Unified Communications Manager 7.1\\(3b\\)Cisco Unified Communications Manager 7.1\\(3a\\)Cisco Unified Communications Manager 7.1\\(3\\)Cisco Unified Communications Manager 7.0\\(2a\\)Cisco Unified Communications Manager 7.1\\(2a\\)Cisco Unified Communications Manager 7.1\\(2a\\)su1Cisco Unified Communications Manager 7.1\\(2b\\)Cisco Unified Communications Manager 5.1\\(1\\)
5.9
CVSSv3
CVE-2023-49786
Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1; as well as certified-asterisk before 18.9-cert6; Asterisk is susceptible to a DoS due to a race condition in the hello handshake phase of the DTLS ...
Sangoma Certified Asterisk 18.9Sangoma Certified Asterisk 13.13.0Sangoma Certified Asterisk 16.8.0Digium Asterisk 21.0.0Digium Asterisk
7.5
CVSSv3
CVE-2021-41105
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. When handling SRTP calls, FreeSWITCH prior to version 1.10.7 is susceptible to a DoS where calls ...
Freeswitch Freeswitch
5.3
CVSSv3
CVE-2021-41157
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. By default, SIP requests of the type SUBSCRIBE are not authenticated in the affected versions of ...
Freeswitch Freeswitch
7.5
CVSSv3
CVE-2021-41158
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.7, an attacker can perform a SIP digest leak attack against FreeSWITCH and ...
Freeswitch Freeswitch
7.5
CVSSv3
CVE-2021-41145
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. FreeSWITCH prior to version 1.10.7 is susceptible to Denial of Service via SIP flooding. When flo...
Freeswitch Freeswitch
7.5
CVSSv3
CVE-2021-37624
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.7, FreeSWITCH does not authenticate SIP MESSAGE requests, leading to spam a...
Freeswitch Freeswitch
7.2
CVSSv3
CVE-2020-26262
Coturn is free open source implementation of TURN and STUN Server. Coturn before version 4.5.2 by default does not allow peers to connect and relay packets to loopback addresses in the range of `127.x.x.x`. However, it was observed that when sending a `CONNECT` request with the `...
Coturn Project CoturnFedoraproject Fedora 32Fedoraproject Fedora 33
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook