← Back

Irontec

irontec

7 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Sngrep
sngrep
6 CVEs
Klear Library
klear-library
1 CVE

CVEs (7)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-35434
1Irontec
1Sngrep
Sep 27, 2025
May 29, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
Irontec Sngrep v1.8.1 was discovered to contain a heap buffer overflow via the function rtp_check_packet at /sngrep/src/rtp.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SIP pack...Show more
Irontec Sngrep v1.8.1 was discovered to contain a heap buffer overflow via the function rtp_check_packet at /sngrep/src/rtp.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SIP packet.Show less
CVE-2024-3120
1Irontec
1Sngrep
Feb 3, 2025
Apr 10, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sip_va...Show more
A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sip_validate_packet and sip_parse_extra_headers functions within src/sip.c. This vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via crafted SIP messages.Show less
CVE-2024-3119
1Irontec
1Sngrep
Feb 3, 2025
Apr 10, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sip_get_callid and sip_get_xcallid in sip.c use the strncpy...Show more
A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sip_get_callid and sip_get_xcallid in sip.c use the strncpy function to copy header contents into fixed-size buffers without checking the data length. This flaw allows remote attackers to execute arbitrary code or cause a denial of service (DoS) through specially crafted SIP messages. Show less
CVE-2023-36192
1Irontec
1Sngrep
Nov 21, 2024
Jun 23, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_ws_check_packet at /src/capture.c.
CVE-2023-31982
1Irontec
1Sngrep
Jan 28, 2025
May 9, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_packet_reasm_ip at /src/capture.c.
CVE-2023-31981
1Irontec
1Sngrep
Jan 29, 2025
May 9, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
Sngrep v1.6.0 was discovered to contain a stack buffer overflow via the function packet_set_payload at /src/packet.c.
CVE-2015-10084
1Irontec
1Klear Library
Nov 21, 2024
Feb 21, 2023
N/A· v4
9.8 CRITICAL· v3
5.2 MEDIUM· v2
A vulnerability was found in irontec klear-library chloe and classified as critical. Affected by this issue is the function _prepareWhere of the file Controller/Rest/BaseController.php. The manipulation leads to sql inje...Show more
A vulnerability was found in irontec klear-library chloe and classified as critical. Affected by this issue is the function _prepareWhere of the file Controller/Rest/BaseController.php. The manipulation leads to sql injection. Upgrading to version marla is able to address this issue. The name of the patch is b25262de52fdaffde2a4434fc2a84408b304fbc5. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-221504.Show less