FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, mod_verto's check_auth userauth branch wrote request-supplied userVariables into the co...
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, a single unauthenticated WebSocket frame containing a deeply nested JSON document crashes th...
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, mod_verto's JSON-RPC handler bound the connection to the client-supplied sessid on the ...
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, mod_verto's WebSocket frame loop intercepts a #-prefixed speed-test protocol (#SPU / #S...
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, the mod_verto HTTP request handler allocates a fixed 2 MiB buffer for a POST application/x-w...
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, esl_recv_event() parses Content-Length with atol() and passes the result straight to malloc(...
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser casts...
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, FreeSWITCH includes a vulnerable function, PREFIX(prologTok)(), in libs/xmlrpc-c/lib/expat/x...
Improper access control in Microsoft PC Manager allows an authorized attacker to bypass a security feature locally.
Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network.
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally.
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.