Vulnerabilities > Signalwire

DATE CVE VULNERABILITY TITLE RISK
2023-05-26 CVE-2023-32307 Heap-based Buffer Overflow vulnerability in multiple products
Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54), several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of attributes length check when Sofia-SIP handles STUN packets.
network
low complexity
signalwire debian CWE-122
7.5
2023-01-19 CVE-2023-22741 Classic Buffer Overflow vulnerability in Signalwire Sofia-Sip
Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification.
network
low complexity
signalwire CWE-120
critical
9.8
2022-05-31 CVE-2022-31001 Out-of-bounds Read vulnerability in multiple products
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library.
network
low complexity
signalwire debian CWE-125
7.5
2022-05-31 CVE-2022-31003 Heap-based Buffer Overflow vulnerability in multiple products
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library.
network
low complexity
signalwire debian CWE-122
critical
9.8
2022-05-31 CVE-2022-31002 Out-of-bounds Read vulnerability in multiple products
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library.
network
low complexity
signalwire debian CWE-125
7.5
2021-10-18 CVE-2021-36513 Missing Initialization of Resource vulnerability in Signalwire Freeswitch
An issue was discovered in function sofia_handle_sip_i_notify in sofia.c in SignalWire freeswitch before 1.10.6, may allow attackers to view sensitive information due to an uninitialized value.
network
low complexity
signalwire CWE-909
5.0