Known Vulnerabilities for products from Kamailio
Listed below are 9 of the newest known vulnerabilities associated with the vendor "Kamailio".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-39864 json | Not Provided | 2026-04-08 | 2026-04-08 | |
| CVE-2026-39863 json | Not Provided | 2026-04-08 | 2026-04-08 | |
| CVE-2020-28361 json | Kamailio before 5.4.0, as used in Sip Express Router (SER) in Sippy Softswitch 4.5 through 5.2 and other products, allows a b... | 5.4 - MEDIUM | 2020-11-18 | 2020-12-03 |
| CVE-2020-27507 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2023-03-15 | 2023-05-30 |
| CVE-2018-16657 json | In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with an invalid Via header causes a segmentation fault... | 9.8 - CRITICAL | 2018-09-07 | 2020-08-24 |
| CVE-2018-14767 json | In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with a double "To" header and an empty "To" tag causes... | 9.8 - CRITICAL | 2018-07-31 | 2018-10-04 |
| CVE-2018-8828 json | A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x before 5.0.6, and 5.1.x before 5.1.2. A specially craf... | 9.8 - CRITICAL | 2018-03-20 | 2020-08-24 |
| CVE-2016-2385 json | Heap-based buffer overflow in the encode_msg function in encode_msg.c in the SEAS module in Kamailio (formerly OpenSER and SE... | 9.8 - CRITICAL | 2016-04-11 | 2018-10-09 |
| CVE-2015-1591 json | The kamailio build in kamailio before 4.2.0-2 process allows local users to gain privileges. | 7.8 - HIGH | 2017-06-27 | 2023-11-07 |
| CVE-2015-1590 json | The kamcmd administrative utility and default configuration in kamailio before 4.3.0 use /tmp/kamailio_ctl. | 7.8 - HIGH | 2017-09-07 | 2017-09-13 |
| CVE-2013-7426 json | Insecure Temporary file vulnerability in /tmp/kamailio_fifo in kamailio 4.0.1. | 9.8 - CRITICAL | 2017-08-29 | 2017-09-02 |
Known software with vulnerabilities from Kamailio
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Kamailio | Kamailio | 0.1 |