VYPR

Kamailio

by Kamailio

Source repositories

CVEs (15)

  • CVE-2018-16657CriSep 7, 2018
    risk 0.64cvss 9.8epss 0.04

    In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with an invalid Via header causes a segmentation fault and crashes Kamailio. The reason is missing input validation in the crcitt_string_array core function for calculating a CRC hash for To tags. (An…

  • CVE-2013-7426CriAug 29, 2017
    risk 0.64cvss 9.8epss 0.02

    Insecure Temporary file vulnerability in /tmp/kamailio_fifo in kamailio 4.0.1.

  • CVE-2016-2385CriApr 11, 2016
    risk 0.62cvss 9.8epss 0.31

    Heap-based buffer overflow in the encode_msg function in encode_msg.c in the SEAS module in Kamailio (formerly OpenSER and SER) before 4.3.5 allows remote attackers to cause a denial of service (memory corruption and process crash) or possibly execute arbitrary code via a large…

  • CVE-2018-14767CriJul 31, 2018
    risk 0.59cvss 9.8epss 0.29

    In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with a double "To" header and an empty "To" tag causes a segmentation fault and crash. The reason is missing input validation in the "build_res_buf_from_sip_req" core function. This could result in denial of…

  • CVE-2015-1591HigJun 27, 2017
    risk 0.51cvss 7.8epss 0.00

    The kamailio build in kamailio before 4.2.0-2 process allows local users to gain privileges.

  • CVE-2015-1590HigSep 7, 2017
    risk 0.44cvss 7.8epss 0.00

    The kamcmd administrative utility and default configuration in kamailio before 4.3.0 use /tmp/kamailio_ctl.

  • CVE-2026-39863HigApr 8, 2026
    risk 0.42cvss 7.5epss 0.00

    Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.1.1, 6.0.6, and 5.8.8, an out-of-bounds access in the core of Kamailio (formerly OpenSER and SER) allows remote attackers to cause a denial of service (process crash) via a specially crafted data…

  • CVE-2025-12205MedOct 27, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was detected in Kamailio 5.5. The affected element is the function sr_push_yy_state of the file src/core/cfg.lex of the component Configuration File Handler. The manipulation results in use after free. The attack must be initiated from a local position. The…

  • CVE-2025-12204MedOct 27, 2025
    risk 0.34cvss 5.3epss 0.00

    A security vulnerability has been detected in Kamailio 5.5. Impacted is the function rve_destroy of the file src/core/rvalue.c of the component Configuration File Handler. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit…

  • CVE-2026-39864MedApr 8, 2026
    risk 0.22cvss 4.4epss 0.00

    Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio (formerly OpenSER and SER) allows remote attackers to cause a denial of service (process crash) via a specially crafted SIP packet…

  • CVE-2025-12207LowOct 27, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability has been found in Kamailio 5.5. This affects the function yyerror_at of the file src/core/cfg.y of the component Grammar Rule Handler. Such manipulation leads to null pointer dereference. The attack needs to be performed locally. The exploit has been disclosed to…

  • CVE-2025-12206LowOct 27, 2025
    risk 0.21cvss 3.3epss 0.00

    A flaw has been found in Kamailio 5.5. The impacted element is the function rve_is_constant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been published and may be used. It is still…

  • CVE-2018-8828CriMar 20, 2018
    risk 0.03cvss 9.8epss 0.31

    A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x before 5.0.6, and 5.1.x before 5.1.2. A specially crafted REGISTER message with a malformed branch or From tag triggers an off-by-one heap-based buffer overflow in the tmx_check_pretran function in…

  • CVE-2020-27507Mar 15, 2023
    risk 0.00cvss epss 0.01

    The Kamailio SIP before 5.5.0 server mishandles INVITE requests with duplicated fields and overlength tag, leading to a buffer overflow that crashes the server or possibly have unspecified other impact.

  • CVE-2020-28361Nov 18, 2020
    risk 0.00cvss epss 0.01

    Kamailio before 5.4.0, as used in Sip Express Router (SER) in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. This occurs in the remove_hf function in the Kamailio textops module. Particular…