Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digium asterisk 12.7.1 vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2014-8418
The DB dialplan function in Asterisk Open Source 1.8.x prior to 1.8.32, 11.x prior to 11.1.4.1, 12.x prior to 12.7.1, and 13.x prior to 13.0.1 and Certified Asterisk 1.8 prior to 1.8.28-cert8 and 11.6 prior to 11.6-cert8 allows remote authenticated users to gain privileges via a ...
Digium Certified Asterisk 1.8.28
Digium Certified Asterisk 11.6.0
Digium Certified Asterisk 11.6
Digium Asterisk
7.5
CVSSv2
CVE-2014-8413
The res_pjsip_acl module in Asterisk Open Source 12.x prior to 12.7.1 and 13.x prior to 13.0.1 does not properly create and load ACLs defined in pjsip.conf at startup, which allows remote malicious users to bypass intended PJSIP ACL rules.
Digium Asterisk
7.1
CVSSv2
CVE-2016-2316
chan_sip in Asterisk Open Source 1.8.x, 11.x prior to 11.21.1, 12.x, and 13.x prior to 13.7.1 and Certified Asterisk 1.8.28, 11.6 prior to 11.6-cert12, and 13.1 prior to 13.1-cert3, when the timert1 sip.conf configuration is set to a value greater than 1245, allows remote malicio...
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Digium Asterisk 13.5.0
Digium Asterisk 13.1.0
Digium Asterisk 13.0.1
Digium Asterisk 12.7.1
Digium Asterisk 12.7.0
Digium Asterisk 12.5.0
Digium Asterisk 12.4.0
Digium Asterisk 12.2.0
Digium Asterisk 12.0.0
Digium Asterisk 11.21.0
Digium Asterisk 11.17.0
Digium Asterisk 11.16.0
Digium Asterisk 11.9.0
Digium Asterisk 11.7.0
Digium Asterisk 11.14.0
Digium Asterisk 11.13.0
Digium Asterisk 13.7.0
Digium Asterisk 13.2.0
Digium Asterisk 12.8.1
Digium Asterisk 12.8.0
6.5
CVSSv2
CVE-2014-8417
ConfBridge in Asterisk 11.x prior to 11.14.1, 12.x prior to 12.7.1, and 13.x prior to 13.0.1 and Certified Asterisk 11.6 prior to 11.6-cert8 allows remote authenticated users to (1) gain privileges via vectors related to an external protocol to the CONFBRIDGE dialplan function or...
Digium Asterisk
Digium Certified Asterisk 11.6.0
Digium Certified Asterisk 11.6
5
CVSSv2
CVE-2014-9374
Double free vulnerability in the WebSocket Server (res_http_websocket module) in Asterisk Open Source 11.x prior to 11.14.2, 12.x prior to 12.7.2, and 13.x prior to 13.0.2 and Certified Asterisk 11.6 prior to 11.6-cert9 allows remote malicious users to cause a denial of service (...
Digium Certified Asterisk 11.6
Digium Certified Asterisk 11.6.0
Digium Asterisk 12.7.0
Digium Asterisk 12.4.0
Digium Asterisk 13.0.0
Digium Asterisk 12.7.1
Digium Asterisk 12.5.0
Digium Asterisk 12.2.0
Digium Asterisk 12.1.0
Digium Asterisk 11.14.0
Digium Asterisk 11.13.0
Digium Asterisk 11.10.0
Digium Asterisk 11.9.0
Digium Asterisk 11.8.0
Digium Asterisk 11.7.0
Digium Asterisk 11.5.0
Digium Asterisk 11.4.0
Digium Asterisk 11.2.0
Digium Asterisk 11.0.0
Digium Asterisk 12.3.0
Digium Asterisk 11.12.0
Digium Asterisk 11.6.0
5
CVSSv2
CVE-2014-8412
The (1) VoIP channel drivers, (2) DUNDi, and (3) Asterisk Manager Interface (AMI) in Asterisk Open Source 1.8.x prior to 1.8.32.1, 11.x prior to 11.14.1, 12.x prior to 12.7.1, and 13.x prior to 13.0.1 and Certified Asterisk 1.8.28 prior to 1.8.28-cert3 and 11.6 prior to 11.6-cert...
Digium Certified Asterisk 11.6
Digium Certified Asterisk 1.8.28.0
Digium Certified Asterisk 1.8.28
Digium Certified Asterisk 11.6.0
Digium Asterisk
5
CVSSv2
CVE-2014-8415
Race condition in the chan_pjsip channel driver in Asterisk Open Source 12.x prior to 12.7.1 and 13.x prior to 13.0.1 allows remote malicious users to cause a denial of service (assertion failure and crash) via a cancel request for a SIP session with a queued action to (1) answer...
Digium Asterisk
5
CVSSv2
CVE-2014-8416
Use-after-free vulnerability in the PJSIP channel driver in Asterisk Open Source 12.x prior to 12.7.1 and 13.x prior to 13.0.1, when using the res_pjsip_refer module, allows remote malicious users to cause a denial of service (crash) via an in-dialog INVITE with Replaces message,...
Digium Asterisk
4.3
CVSSv2
CVE-2015-3008
Asterisk Open Source 1.8 prior to 1.8.32.3, 11.x prior to 11.17.1, 12.x prior to 12.8.2, and 13.x prior to 13.3.2 and Certified Asterisk 1.8.28 prior to 1.8.28-cert5, 11.6 prior to 11.6-cert11, and 13.1 prior to 13.1-cert2, when registering a SIP TLS device, does not properly han...
Digium Asterisk 1.8.0
Digium Asterisk 1.8.1
Digium Asterisk 1.8.1.1
Digium Asterisk 1.8.10.0
Digium Asterisk 1.8.10.1
Digium Asterisk 1.8.11.1
Digium Asterisk 1.8.12
Digium Asterisk 1.8.12.2
Digium Asterisk 1.8.13.0
Digium Asterisk 1.8.14.0
Digium Asterisk 1.8.14.1
Digium Asterisk 1.8.16.0
Digium Asterisk 1.8.17.0
Digium Asterisk 1.8.18.0
Digium Asterisk 1.8.19.0
Digium Asterisk 1.8.19.1
Digium Asterisk 1.8.20.0
Digium Asterisk 1.8.21.0
Digium Asterisk 1.8.22.0
Digium Asterisk 1.8.23.1
Digium Asterisk 1.8.24.0
Digium Asterisk 1.8.26.0
4
CVSSv2
CVE-2016-2232
Asterisk Open Source 1.8.x, 11.x prior to 11.21.1, 12.x, and 13.x prior to 13.7.1 and Certified Asterisk 1.8.28, 11.6 prior to 11.6-cert12, and 13.1 prior to 13.1-cert3 allow remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via...
Digium Asterisk 13.7.0
Digium Asterisk 13.4.0
Digium Asterisk 13.6.0
Digium Asterisk 13.2.0
Digium Asterisk 13.1.0
Digium Asterisk 12.8.0
Digium Asterisk 12.6.0
Digium Asterisk 12.5.0
Digium Asterisk 12.3.0
Digium Asterisk 12.2.0
Digium Asterisk 12.1.0
Digium Asterisk 11.19.0
Digium Asterisk 11.18.0
Digium Asterisk 11.9.0
Digium Asterisk 11.8.0
Digium Asterisk 11.7.0
Digium Asterisk 11.2.0
Digium Asterisk 11.14.0
Digium Asterisk 11.11.0
Digium Asterisk 11.10.1
Digium Asterisk 11.1.0
Digium Asterisk 11.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started