digium certified asterisk vulnerabilities and exploits
6.5
CVSSv2
CVE-2014-8417
ConfBridge in Asterisk 11.x prior to 11.14.1, 12.x prior to 12.7.1, and 13.x prior to 13.0.1 and Certified Asterisk 11.6 prior to 11.6-cert8 allows remote authenticated users to (1) gain privileges via vectors related to an external protocol to the CONFBRIDGE dialplan function or...
Digium Asterisk
Digium Certified Asterisk 11.6
Digium Certified Asterisk 11.6.0
5
CVSSv2
CVE-2014-8414
ConfBridge in Asterisk 11.x prior to 11.14.1 and Certified Asterisk 11.6 prior to 11.6-cert8 does not properly handle state changes, which allows remote malicious users to cause a denial of service (channel hang and memory consumption) by causing transitions to be delayed, which ...
Digium Asterisk
Digium Certified Asterisk 11.6
Digium Certified Asterisk 11.6.0
5
CVSSv2
CVE-2018-7284
A Buffer Overflow issue exists in Asterisk up to and including 13.19.1, 14.x up to and including 14.7.5, and 15.x up to and including 15.2.1, and Certified Asterisk up to and including 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accept...
Digium Asterisk
Digium Certified Asterisk 13.18
Digium Certified Asterisk
Debian Debian Linux 9.0
1 EDB exploit
1 Github repository
NA
CVE-2023-49294
Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk before 18.9-cert6, it is possible to read any arbitrary file even when the `live_dangerously` is not enabled. This al...
Sangoma Certified Asterisk 18.9
Sangoma Certified Asterisk 13.13.0
Sangoma Certified Asterisk 16.8.0
Digium Asterisk 21.0.0
Digium Asterisk
NA
CVE-2023-49786
Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1; as well as certified-asterisk before 18.9-cert6; Asterisk is susceptible to a DoS due to a race condition in the hello handshake phase of the DTLS ...
Sangoma Certified Asterisk 18.9
Sangoma Certified Asterisk 13.13.0
Sangoma Certified Asterisk 16.8.0
Digium Asterisk 21.0.0
Digium Asterisk
NA
CVE-2023-37457
Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0; as well as certified-asterisk 18.9-cert5 and prior, the 'update' functionality of the PJSIP_HEADER dialplan function can excee...
Sangoma Certified Asterisk 18.9
Sangoma Certified Asterisk 13.13.0
Sangoma Certified Asterisk 16.8.0
Digium Asterisk 21.0.0
Digium Asterisk
5
CVSSv2
CVE-2018-12227
An issue exists in Asterisk Open Source 13.x prior to 13.21.1, 14.x prior to 14.7.7, and 15.x prior to 15.4.1 and Certified Asterisk 13.18-cert prior to 13.18-cert4 and 13.21-cert prior to 13.21-cert2. When endpoint specific ACL rules block a SIP request, they respond with a 403 ...
Digium Asterisk
Digium Certified Asterisk 13.18
Digium Certified Asterisk 13.21
Debian Debian Linux 9.0
5
CVSSv2
CVE-2016-9938
An issue exists in Asterisk Open Source 11.x prior to 11.25.1, 13.x prior to 13.13.1, and 14.x prior to 14.2.1 and Certified Asterisk 11.x prior to 11.6-cert16 and 13.x prior to 13.8-cert4. The chan_sip channel driver has a liberal definition for whitespace when attempting to str...
Digium Asterisk 13.1.0
Digium Asterisk 13.2.1
Digium Asterisk 13.8.0
Digium Asterisk 11.14.0
Digium Asterisk 13.7.1
Digium Asterisk 11.2.0
Digium Asterisk 11.21.0
Digium Asterisk 11.22.0
Digium Asterisk 11.10.2
Digium Asterisk 11.0.0
Digium Asterisk 11.1.1
Digium Asterisk 13.1.1
Digium Asterisk 11.21.1
Digium Asterisk 13.4.0
Digium Asterisk 11.10.1
Digium Asterisk 11.16.0
Digium Asterisk 11.11.0
Digium Asterisk 11.12.1
Digium Asterisk 14.0.0
Digium Asterisk 11.23.0
Digium Asterisk 13.2.0
Digium Asterisk 11.0.2
6.5
CVSSv2
CVE-2017-16671
A Buffer Overflow issue exists in Asterisk Open Source 13 prior to 13.18.1, 14 prior to 14.7.1, and 15 prior to 15.1.1 and Certified Asterisk 13.13 prior to 13.13-cert7. No size checking is done when setting the user field for Party B on a CDR. Thus, it is possible for someone to...
Digium Asterisk
Digium Certified Asterisk 13.13.0
4.3
CVSSv2
CVE-2017-16672
An issue exists in Asterisk Open Source 13 prior to 13.18.1, 14 prior to 14.7.1, and 15 prior to 15.1.1 and Certified Asterisk 13.13 prior to 13.13-cert7. A memory leak occurs when an Asterisk pjsip session object is created and that call gets rejected before the session itself i...
Digium Asterisk
Digium Certified Asterisk 13.13.0