Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digium certified asterisk 11.6 vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2014-8418
The DB dialplan function in Asterisk Open Source 1.8.x prior to 1.8.32, 11.x prior to 11.1.4.1, 12.x prior to 12.7.1, and 13.x prior to 13.0.1 and Certified Asterisk 1.8 prior to 1.8.28-cert8 and 11.6 prior to 11.6-cert8 allows remote authenticated users to gain privileges via a ...
Digium Certified Asterisk 1.8.28
Digium Certified Asterisk 11.6.0
Digium Certified Asterisk 11.6
Digium Asterisk
7.5
CVSSv2
CVE-2017-14100
In Asterisk 11.x prior to 11.25.2, 13.x prior to 13.17.1, and 14.x prior to 14.6.1 and Certified Asterisk 11.x prior to 11.6-cert17 and 13.x prior to 13.13-cert5, unauthorized command execution is possible. The app_minivm module has an "externnotify" program configurati...
Digium Asterisk 13.15.0
Digium Asterisk 13.13.1
Digium Asterisk 13.0.0
Digium Asterisk 13.1.0
Digium Asterisk 13.4.0
Digium Asterisk 13.5.0
Digium Asterisk 13.8.0
Digium Asterisk 13.11.0
Digium Asterisk 13.11.1
Digium Asterisk 13.16.0
Digium Asterisk 13.15.1
Digium Asterisk 13.14.0
Digium Asterisk 13.0.2
Digium Asterisk 13.3.2
Digium Asterisk 13.7.1
Digium Asterisk 13.7.2
Digium Asterisk 13.10.0
Digium Asterisk 13.13
Digium Asterisk 13.13.0
Digium Asterisk 13.17.0
Digium Asterisk 13.0.1
Digium Asterisk 13.2.0
7.5
CVSSv2
CVE-2014-2286
main/http.c in Asterisk Open Source 1.8.x prior to 1.8.26.1, 11.8.x prior to 11.8.1, and 12.1.x prior to 12.1.1, and Certified Asterisk 1.8.x prior to 1.8.15-cert5 and 11.6 prior to 11.6-cert2, allows remote malicious users to cause a denial of service (stack consumption) and pos...
Digium Asterisk 12.1.0
Digium Asterisk 1.8.26.0
Digium Asterisk 1.8.25.0
Digium Asterisk 1.8.22.0
Digium Asterisk 1.8.21.0
Digium Asterisk 1.8.15.0
Digium Asterisk 1.8.14.1
Digium Asterisk 1.8.14.0
Digium Asterisk 1.8.0
Digium Asterisk 1.8.10.0
Digium Asterisk 1.8.10.1
Digium Asterisk 1.8.11.0
Digium Asterisk 1.8.15.1
Digium Asterisk 1.8.19.0
Digium Asterisk 1.8.19.1
Digium Asterisk 1.8.2
Digium Asterisk 1.8.2.1
Digium Asterisk 1.8.4
Digium Asterisk 1.8.4.1
Digium Asterisk 1.8.4.2
Digium Asterisk 1.8.8.0
Fedoraproject Fedora 19
7.1
CVSSv2
CVE-2016-2316
chan_sip in Asterisk Open Source 1.8.x, 11.x prior to 11.21.1, 12.x, and 13.x prior to 13.7.1 and Certified Asterisk 1.8.28, 11.6 prior to 11.6-cert12, and 13.1 prior to 13.1-cert3, when the timert1 sip.conf configuration is set to a value greater than 1245, allows remote malicio...
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Digium Asterisk 13.5.0
Digium Asterisk 13.1.0
Digium Asterisk 13.0.1
Digium Asterisk 12.7.1
Digium Asterisk 12.7.0
Digium Asterisk 12.5.0
Digium Asterisk 12.4.0
Digium Asterisk 12.2.0
Digium Asterisk 12.0.0
Digium Asterisk 11.21.0
Digium Asterisk 11.17.0
Digium Asterisk 11.16.0
Digium Asterisk 11.9.0
Digium Asterisk 11.7.0
Digium Asterisk 11.14.0
Digium Asterisk 11.13.0
Digium Asterisk 13.7.0
Digium Asterisk 13.2.0
Digium Asterisk 12.8.1
Digium Asterisk 12.8.0
6.5
CVSSv2
CVE-2014-8417
ConfBridge in Asterisk 11.x prior to 11.14.1, 12.x prior to 12.7.1, and 13.x prior to 13.0.1 and Certified Asterisk 11.6 prior to 11.6-cert8 allows remote authenticated users to (1) gain privileges via vectors related to an external protocol to the CONFBRIDGE dialplan function or...
Digium Asterisk
Digium Certified Asterisk 11.6.0
Digium Certified Asterisk 11.6
6.5
CVSSv2
CVE-2014-4046
Asterisk Open Source 11.x prior to 11.10.1 and 12.x prior to 12.3.1 and Certified Asterisk 11.6 prior to 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action.
Digium Asterisk 11.9.0
Digium Asterisk 11.0.0
Digium Asterisk 11.1.2
Digium Asterisk 11.2.0
Digium Asterisk 11.4.0
Digium Asterisk 11.5.0
Digium Asterisk 11.8.0
Digium Asterisk 11.8.1
Digium Asterisk 11.0.1
Digium Asterisk 11.3.0
Digium Asterisk 11.1.0
Digium Asterisk 11.1.1
Digium Asterisk 11.10.0
Digium Asterisk 11.0.2
Digium Asterisk 11.5.1
Digium Asterisk 12.2.0
Digium Asterisk 12.0.0
Digium Asterisk 12.3.0
Digium Asterisk 12.1.0
Digium Asterisk 12.1.1
Digium Certified Asterisk 11.6
Digium Certified Asterisk 11.6.0
5
CVSSv2
CVE-2018-17281
There is a stack consumption vulnerability in the res_http_websocket.so module of Asterisk up to and including 13.23.0, 14.7.x up to and including 14.7.7, and 15.x up to and including 15.6.0 and Certified Asterisk up to and including 13.21-cert2. It allows an malicious user to cr...
Digium Asterisk
Digium Certified Asterisk 13.13
Digium Certified Asterisk 13.1
Digium Certified Asterisk 11.6
Digium Certified Asterisk 13.21
Digium Certified Asterisk 13.8
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2017-14603
In Asterisk 11.x prior to 11.25.3, 13.x prior to 13.17.2, and 14.x prior to 14.6.2 and Certified Asterisk 11.x prior to 11.6-cert18 and 13.x prior to 13.13-cert6, insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the "nat&qu...
Digium Asterisk 13.0.2
Digium Asterisk 13.1.0
Digium Asterisk 13.1.1
Digium Asterisk 13.7.1
Digium Asterisk 13.7.2
Digium Asterisk 13.8.0
Digium Asterisk 13.13
Digium Asterisk 13.13.0
Digium Asterisk 13.13.1
Digium Asterisk 13.14.0
Digium Asterisk 13.0.0
Digium Asterisk 13.3.2
Digium Asterisk 13.4.0
Digium Asterisk 13.5.0
Digium Asterisk 13.10.0
Digium Asterisk 13.11.0
Digium Asterisk 13.11.1
Digium Asterisk 13.11.2
Digium Asterisk 13.15.0
Digium Asterisk 13.0.1
Digium Asterisk 13.2.0
Digium Asterisk 13.3.0
5
CVSSv2
CVE-2017-14099
In res/res_rtp_asterisk.c in Asterisk 11.x prior to 11.25.2, 13.x prior to 13.17.1, and 14.x prior to 14.6.1 and Certified Asterisk 11.x prior to 11.6-cert17 and 13.x prior to 13.13-cert5, unauthorized data disclosure (media takeover in the RTP stack) is possible with careful tim...
Digium Asterisk 13.16.0
Digium Asterisk 13.14.0
Digium Asterisk 13.0.1
Digium Asterisk 13.0.2
Digium Asterisk 13.1.0
Digium Asterisk 13.3.0
Digium Asterisk 13.3.2
Digium Asterisk 13.7.0
Digium Asterisk 13.7.1
Digium Asterisk 13.10.0
Digium Asterisk 13.12.2
Digium Asterisk 13.13
Digium Asterisk 13.17.0
Digium Asterisk 13.15.0
Digium Asterisk 13.0.0
Digium Asterisk 13.2.0
Digium Asterisk 13.2.1
Digium Asterisk 13.6.0
Digium Asterisk 13.8.2
Digium Asterisk 13.9.0
Digium Asterisk 13.9.1
Digium Asterisk 13.12.0
5
CVSSv2
CVE-2016-7551
chain_sip in Asterisk Open Source 11.x prior to 11.23.1 and 13.x 13.11.1 and Certified Asterisk 11.6 prior to 11.6-cert15 and 13.8 prior to 13.8-cert3 allows remote malicious users to cause a denial of service (port exhaustion).
Digium Asterisk 11.0.0
Digium Asterisk 11.0.1
Digium Asterisk 11.0.2
Digium Asterisk 11.1.0
Digium Asterisk 11.6.0
Digium Asterisk 11.6.1
Digium Asterisk 11.7.0
Digium Asterisk 11.8.0
Digium Asterisk 11.15.0
Digium Asterisk 11.15.1
Digium Asterisk 11.16.0
Digium Asterisk 11.17.0
Digium Asterisk 13.0.0
Digium Asterisk 13.0.1
Digium Asterisk 13.7.2
Digium Asterisk 13.8.0
Digium Asterisk 13.8.1
Digium Asterisk 11.1.1
Digium Asterisk 11.3.0
Digium Asterisk 11.5.0
Digium Asterisk 11.9.0
Digium Asterisk 11.10.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »