Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Pjsip Security Vulnerabilities

cve
cve

CVE-2015-2003

The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.

9.8CVSS

9.4AI Score

0.005EPSS

2018-03-29 06:29 PM
24
cve
cve

CVE-2022-23547

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability affe...

9.8CVSS

9.2AI Score

0.002EPSS

2022-12-23 03:15 PM
45
cve
cve

CVE-2022-24763

PJSIP is a free and open source multimedia communication library written in the C language. Versions 2.12 and prior contain a denial-of-service vulnerability that affects PJSIP users that consume PJSIP's XML parsing in their apps. Users are advised to update. There are no known workarounds.

7.5CVSS

8.3AI Score

0.004EPSS

2022-03-30 09:15 PM
101
3
cve
cve

CVE-2022-24786

PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packet, but any app that directly uses pjmedia_rtcp_fb_parse_rpsi() will be affected. A patch is available i...

9.8CVSS

9.3AI Score

0.008EPSS

2022-04-06 02:15 PM
92
6
cve
cve

CVE-2022-24793

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.12 and prior affects applications that use PJSIP DNS resolution. It doesn't affect PJSIP users who utilize an external resolver. This vulnerability is related to CVE-2023-275...

7.5CVSS

7.5AI Score

0.006EPSS

2022-04-06 02:15 PM
120
4
cve
cve

CVE-2022-39244

PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This issue has been patc...

9.8CVSS

9.5AI Score

0.003EPSS

2022-10-06 06:16 PM
66
3
cve
cve

CVE-2022-39269

PJSIP is a free and open source multimedia communication library written in C. When processing certain packets, PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart, causing the media to be sent insecurely. The vulnerability impacts all PJSIP users that ...

9.1CVSS

9.3AI Score

0.001EPSS

2022-10-06 06:16 PM
68
2