Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digium asterisk 15.2.1 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-7287
An issue exists in res_http_websocket.c in Asterisk 15.x up to and including 15.2.1. If the HTTP server is enabled (default is disabled), WebSocket payloads of size 0 are mishandled (with a busy loop).
Digium Asterisk 15.0.0
Digium Asterisk 15.1.0
Digium Asterisk 15.2.0
Digium Asterisk 15.2.1
Digium Asterisk 15.1.2
Digium Asterisk 15.1.4
Digium Asterisk 15.1.1
Digium Asterisk 15.1.3
Digium Asterisk 15.1.5
5
CVSSv2
CVE-2018-19278
Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x prior to 15.6.2 and 16.x prior to 16.0.1 allows remote malicious users to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actua...
Digium Asterisk 15.6.0
Digium Asterisk 15.5.0
Digium Asterisk 15.4.0
Digium Asterisk 15.2.1
Digium Asterisk 15.1.4
Digium Asterisk 15.1.2
Digium Asterisk 15.3.0
Digium Asterisk 15.1.0
Digium Asterisk 15.0.0
Digium Asterisk 16.0.1
Digium Asterisk 16.0.0
Digium Asterisk 15.2.2
Digium Asterisk 15.2.0
Digium Asterisk 15.1.5
Digium Asterisk 15.6.1
Digium Asterisk 15.4.1
Digium Asterisk 15.1.3
1 Github repository
4
CVSSv2
CVE-2018-7286
An issue exists in Asterisk up to and including 13.19.1, 14.x up to and including 14.7.5, and 15.x up to and including 15.2.1, and Certified Asterisk up to and including 13.18-cert2. res_pjsip allows remote authenticated users to crash Asterisk (segmentation fault) by sending a n...
Digium Asterisk
Digium Asterisk 13.19.1
Digium Certified Asterisk
Debian Debian Linux 9.0
1 EDB exploit
5
CVSSv2
CVE-2018-7284
A Buffer Overflow issue exists in Asterisk up to and including 13.19.1, 14.x up to and including 14.7.5, and 15.x up to and including 15.2.1, and Certified Asterisk up to and including 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accept...
Digium Asterisk
Digium Certified Asterisk 13.18
Digium Certified Asterisk
Debian Debian Linux 9.0
1 EDB exploit
1 Github repository
5
CVSSv2
CVE-2018-7285
A NULL pointer access issue exists in Asterisk 15.x up to and including 15.2.1. The RTP support in Asterisk maintains its own registry of dynamic codecs and desired payload numbers. While an SDP negotiation may result in a codec using a different payload number, these desired one...
Digium Asterisk
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started