Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asterisk certified asterisk vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2021-37706
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not ch...
Teluu Pjsip
Asterisk Certified Asterisk 16.8.0
Asterisk Certified Asterisk
Sangoma Asterisk
Debian Debian Linux 9.0
Debian Debian Linux 10.0
9
CVSSv2
CVE-2019-18610
An issue exists in manager.c in Sangoma Asterisk up to and including 13.x, 16.x, 17.x and Certified Asterisk 13.21 up to and including 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AM...
Digium Certified Asterisk 13.21.0
Digium Asterisk
Debian Debian Linux 8.0
Debian Debian Linux 9.0
9
CVSSv2
CVE-2014-8418
The DB dialplan function in Asterisk Open Source 1.8.x prior to 1.8.32, 11.x prior to 11.1.4.1, 12.x prior to 12.7.1, and 13.x prior to 13.0.1 and Certified Asterisk 1.8 prior to 1.8.28-cert8 and 11.6 prior to 11.6-cert8 allows remote authenticated users to gain privileges via a ...
Digium Certified Asterisk 1.8.28
Digium Certified Asterisk 11.6.0
Digium Certified Asterisk 11.6
Digium Asterisk
9
CVSSv2
CVE-2012-2186
Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x prior to 1.8.15.1 and 10.x prior to 10.7.1, Certified Asterisk 1.8.11 prior to 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones prior to 10.7.1-digiumphones, and Asterisk Business Edition C....
Asterisk Open Source 1.8.7
Asterisk Open Source 1.8.10.1
Asterisk Open Source 1.8.10.0
Asterisk Open Source 1.8.3
Asterisk Open Source 1.8.2
Asterisk Open Source 1.8.1
Asterisk Open Source 1.8.5.0
Asterisk Open Source 1.8.6.0
Asterisk Open Source 1.8.4
Asterisk Open Source 1.8.8.0
Asterisk Open Source 1.8.9.0
Asterisk Open Source 1.8.7.0
Asterisk Open Source 1.8.1.2
Asterisk Open Source 1.8.12.0
Asterisk Open Source 1.8.0
Asterisk Open Source 1.8.9.2
Asterisk Open Source 1.8.11.1
Asterisk Open Source 1.8.2.3
Asterisk Open Source 1.8.2.2
Asterisk Open Source 1.8.4.2
Asterisk Open Source 1.8.4.3
Asterisk Open Source 1.8.3.1
7.5
CVSSv2
CVE-2022-26651
An issue exists in Asterisk up to and including 19.x and Certified Asterisk up to and including 16.8-cert13. The func_odbc module provides possibly inadequate escaping functionality for backslash characters in SQL queries, resulting in user-provided data creating a broken SQL que...
Digium Certified Asterisk 16.8
Digium Asterisk
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv2
CVE-2022-23608
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set (or forking) scenario, a hash key shared by multipl...
Teluu Pjsip
Asterisk Certified Asterisk 16.8.0
Asterisk Certified Asterisk
Sangoma Asterisk
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.5
CVSSv2
CVE-2017-14100
In Asterisk 11.x prior to 11.25.2, 13.x prior to 13.17.1, and 14.x prior to 14.6.1 and Certified Asterisk 11.x prior to 11.6-cert17 and 13.x prior to 13.13-cert5, unauthorized command execution is possible. The app_minivm module has an "externnotify" program configurati...
Digium Asterisk 13.15.0
Digium Asterisk 13.13.1
Digium Asterisk 13.0.0
Digium Asterisk 13.1.0
Digium Asterisk 13.4.0
Digium Asterisk 13.5.0
Digium Asterisk 13.8.0
Digium Asterisk 13.11.0
Digium Asterisk 13.11.1
Digium Asterisk 13.16.0
Digium Asterisk 13.15.1
Digium Asterisk 13.14.0
Digium Asterisk 13.0.2
Digium Asterisk 13.3.2
Digium Asterisk 13.7.1
Digium Asterisk 13.7.2
Digium Asterisk 13.10.0
Digium Asterisk 13.13
Digium Asterisk 13.13.0
Digium Asterisk 13.17.0
Digium Asterisk 13.0.1
Digium Asterisk 13.2.0
7.5
CVSSv2
CVE-2014-2286
main/http.c in Asterisk Open Source 1.8.x prior to 1.8.26.1, 11.8.x prior to 11.8.1, and 12.1.x prior to 12.1.1, and Certified Asterisk 1.8.x prior to 1.8.15-cert5 and 11.6 prior to 11.6-cert2, allows remote malicious users to cause a denial of service (stack consumption) and pos...
Digium Asterisk 12.1.0
Digium Asterisk 1.8.26.0
Digium Asterisk 1.8.25.0
Digium Asterisk 1.8.22.0
Digium Asterisk 1.8.21.0
Digium Asterisk 1.8.15.0
Digium Asterisk 1.8.14.1
Digium Asterisk 1.8.14.0
Digium Asterisk 1.8.0
Digium Asterisk 1.8.10.0
Digium Asterisk 1.8.10.1
Digium Asterisk 1.8.11.0
Digium Asterisk 1.8.15.1
Digium Asterisk 1.8.19.0
Digium Asterisk 1.8.19.1
Digium Asterisk 1.8.2
Digium Asterisk 1.8.2.1
Digium Asterisk 1.8.4
Digium Asterisk 1.8.4.1
Digium Asterisk 1.8.4.2
Digium Asterisk 1.8.8.0
Fedoraproject Fedora 19
7.1
CVSSv2
CVE-2016-2316
chan_sip in Asterisk Open Source 1.8.x, 11.x prior to 11.21.1, 12.x, and 13.x prior to 13.7.1 and Certified Asterisk 1.8.28, 11.6 prior to 11.6-cert12, and 13.1 prior to 13.1-cert3, when the timert1 sip.conf configuration is set to a value greater than 1245, allows remote malicio...
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Digium Asterisk 13.5.0
Digium Asterisk 13.1.0
Digium Asterisk 13.0.1
Digium Asterisk 12.7.1
Digium Asterisk 12.7.0
Digium Asterisk 12.5.0
Digium Asterisk 12.4.0
Digium Asterisk 12.2.0
Digium Asterisk 12.0.0
Digium Asterisk 11.21.0
Digium Asterisk 11.17.0
Digium Asterisk 11.16.0
Digium Asterisk 11.9.0
Digium Asterisk 11.7.0
Digium Asterisk 11.14.0
Digium Asterisk 11.13.0
Digium Asterisk 13.7.0
Digium Asterisk 13.2.0
Digium Asterisk 12.8.1
Digium Asterisk 12.8.0
6.5
CVSSv2
CVE-2017-16671
A Buffer Overflow issue exists in Asterisk Open Source 13 prior to 13.18.1, 14 prior to 14.7.1, and 15 prior to 15.1.1 and Certified Asterisk 13.13 prior to 13.13-cert7. No size checking is done when setting the user field for Party B on a CDR. Thus, it is possible for someone to...
Digium Asterisk
Digium Certified Asterisk 13.13.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »