Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digium asterisk 14.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2016-9937
An issue exists in Asterisk Open Source 13.12.x and 13.13.x prior to 13.13.1 and 14.x prior to 14.2.1. If an SDP offer or answer is received with the Opus codec and with the format parameters separated using a space the code responsible for parsing will recursively call itself un...
Digium Asterisk 13.13
Digium Asterisk 14.0
Digium Asterisk 14.1
Digium Asterisk 14.1.1
Digium Asterisk 13.12
Digium Asterisk 14.1.2
Digium Asterisk 14.2
Digium Asterisk 14.01
Digium Asterisk 14.02
8.8
CVSSv3
CVE-2017-7617
Remote code execution can occur in Asterisk Open Source 13.x prior to 13.14.1 and 14.x prior to 14.3.1 and Certified Asterisk 13.13 prior to 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chan_sip, the CDR dialplan function, and the AMI M...
Digium Asterisk 14.3.0
Digium Asterisk 13.10.0
Digium Asterisk 14.0
Digium Asterisk 14.0.0
Digium Asterisk 13.11.0
Digium Asterisk 13.11.1
Digium Asterisk 13.11.2
Digium Asterisk 13.5.0
Digium Asterisk 13.6.0
Digium Asterisk 13.7.0
Digium Asterisk 13.0.0
Digium Asterisk 13.0.1
Digium Asterisk 13.0.2
Digium Asterisk 14.0.2
Digium Asterisk 14.01
Digium Asterisk 14.02
Digium Asterisk 14.1
Digium Asterisk 14.1.0
Digium Asterisk 13.13
Digium Asterisk 13.13.0
Digium Asterisk 13.2.0
Digium Asterisk 13.8.0
7.5
CVSSv3
CVE-2017-14098
In the pjsip channel driver (res_pjsip) in Asterisk 13.x prior to 13.17.1 and 14.x prior to 14.6.1, a carefully crafted tel URI in a From, To, or Contact header could cause Asterisk to crash.
Digium Asterisk 13.16.0
Digium Asterisk 13.15.0
Digium Asterisk 13.14.0
Digium Asterisk 13.0.0
Digium Asterisk 13.0.2
Digium Asterisk 13.1.0
Digium Asterisk 13.3.2
Digium Asterisk 13.4.0
Digium Asterisk 13.7.2
Digium Asterisk 13.8.0
Digium Asterisk 13.10.0
Digium Asterisk 13.11.0
Digium Asterisk 13.13
Digium Asterisk 13.14.1
Digium Asterisk 13.1.1
Digium Asterisk 13.2.0
Digium Asterisk 13.2.1
Digium Asterisk 13.3.0
Digium Asterisk 13.8.1
Digium Asterisk 13.8.2
Digium Asterisk 13.9.0
Digium Asterisk 13.9.1
7.5
CVSSv3
CVE-2017-14099
In res/res_rtp_asterisk.c in Asterisk 11.x prior to 11.25.2, 13.x prior to 13.17.1, and 14.x prior to 14.6.1 and Certified Asterisk 11.x prior to 11.6-cert17 and 13.x prior to 13.13-cert5, unauthorized data disclosure (media takeover in the RTP stack) is possible with careful tim...
Digium Asterisk 13.16.0
Digium Asterisk 13.14.0
Digium Asterisk 13.0.1
Digium Asterisk 13.0.2
Digium Asterisk 13.1.0
Digium Asterisk 13.3.0
Digium Asterisk 13.3.2
Digium Asterisk 13.7.0
Digium Asterisk 13.7.1
Digium Asterisk 13.10.0
Digium Asterisk 13.12.2
Digium Asterisk 13.13
Digium Asterisk 13.17.0
Digium Asterisk 13.15.0
Digium Asterisk 13.0.0
Digium Asterisk 13.2.0
Digium Asterisk 13.2.1
Digium Asterisk 13.6.0
Digium Asterisk 13.8.2
Digium Asterisk 13.9.0
Digium Asterisk 13.9.1
Digium Asterisk 13.12.0
9.8
CVSSv3
CVE-2017-14100
In Asterisk 11.x prior to 11.25.2, 13.x prior to 13.17.1, and 14.x prior to 14.6.1 and Certified Asterisk 11.x prior to 11.6-cert17 and 13.x prior to 13.13-cert5, unauthorized command execution is possible. The app_minivm module has an "externnotify" program configurati...
Digium Asterisk 13.15.0
Digium Asterisk 13.13.1
Digium Asterisk 13.0.0
Digium Asterisk 13.1.0
Digium Asterisk 13.4.0
Digium Asterisk 13.5.0
Digium Asterisk 13.8.0
Digium Asterisk 13.11.0
Digium Asterisk 13.11.1
Digium Asterisk 13.16.0
Digium Asterisk 13.15.1
Digium Asterisk 13.14.0
Digium Asterisk 13.0.2
Digium Asterisk 13.3.2
Digium Asterisk 13.7.1
Digium Asterisk 13.7.2
Digium Asterisk 13.10.0
Digium Asterisk 13.13
Digium Asterisk 13.13.0
Digium Asterisk 13.17.0
Digium Asterisk 13.0.1
Digium Asterisk 13.2.0
7.5
CVSSv3
CVE-2017-14603
In Asterisk 11.x prior to 11.25.3, 13.x prior to 13.17.2, and 14.x prior to 14.6.2 and Certified Asterisk 11.x prior to 11.6-cert18 and 13.x prior to 13.13-cert6, insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the "nat&qu...
Digium Asterisk 13.0.2
Digium Asterisk 13.1.0
Digium Asterisk 13.1.1
Digium Asterisk 13.7.1
Digium Asterisk 13.7.2
Digium Asterisk 13.8.0
Digium Asterisk 13.13
Digium Asterisk 13.13.0
Digium Asterisk 13.13.1
Digium Asterisk 13.14.0
Digium Asterisk 13.0.0
Digium Asterisk 13.3.2
Digium Asterisk 13.4.0
Digium Asterisk 13.5.0
Digium Asterisk 13.10.0
Digium Asterisk 13.11.0
Digium Asterisk 13.11.1
Digium Asterisk 13.11.2
Digium Asterisk 13.15.0
Digium Asterisk 13.0.1
Digium Asterisk 13.2.0
Digium Asterisk 13.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started