Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digium asterisk vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-15639
main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remote malicious user to send a specific RTP packet during a call and cause a crash in a specific scenario.
Digium Asterisk
4
CVSSv2
CVE-2019-12827
Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and previous versions allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message.
Digium Certified Asterisk 13.21
Digium Asterisk
3.5
CVSSv2
CVE-2019-13161
An issue exists in Asterisk Open Source up to and including 13.27.0, 14.x and 15.x up to and including 15.7.2, and 16.x up to and including 16.4.0, and Certified Asterisk up to and including 13.21-cert3. A pointer dereference in chan_sip while handling SDP negotiation allows an m...
Digium Certified Asterisk 11.6
Digium Certified Asterisk 1.8.14.0
Digium Certified Asterisk 11.4.0
Digium Certified Asterisk 13.1.0
Digium Certified Asterisk 11.1.0
Digium Certified Asterisk 1.8.0.0
Digium Certified Asterisk 1.8.10.0
Digium Certified Asterisk 1.8.6.0
Digium Certified Asterisk 1.8.11
Digium Certified Asterisk 13.8
Digium Certified Asterisk 1.8.8.0
Digium Certified Asterisk 1.8.12.0
Digium Certified Asterisk 1.8.3.0
Digium Certified Asterisk 1.8.15
Digium Certified Asterisk 11.3.0
Digium Certified Asterisk 1.8.11.0
Digium Certified Asterisk 1.8.4.0
Digium Certified Asterisk 1.8.5.0
Digium Certified Asterisk 1.8.13.0
Digium Certified Asterisk 1.8.28
Digium Certified Asterisk 11.6.0
Digium Certified Asterisk 1.8.1.0
5
CVSSv2
CVE-2016-7550
asterisk 13.10.0 is affected by: denial of service issues in asterisk. The impact is: cause a denial of service (remote).
Digium Asterisk 13.10.0
4
CVSSv2
CVE-2019-7251
An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and previous versions and 16.1.1 and previous versions allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation.
Digium Asterisk
5
CVSSv2
CVE-2018-19278
Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x prior to 15.6.2 and 16.x prior to 16.0.1 allows remote malicious users to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actua...
Digium Asterisk 15.6.0
Digium Asterisk 15.5.0
Digium Asterisk 15.4.0
Digium Asterisk 15.2.1
Digium Asterisk 15.1.4
Digium Asterisk 15.1.2
Digium Asterisk 15.3.0
Digium Asterisk 15.1.0
Digium Asterisk 15.0.0
Digium Asterisk 16.0.1
Digium Asterisk 16.0.0
Digium Asterisk 15.2.2
Digium Asterisk 15.2.0
Digium Asterisk 15.1.5
Digium Asterisk 15.6.1
Digium Asterisk 15.4.1
Digium Asterisk 15.1.3
1 Github repository
5
CVSSv2
CVE-2018-17281
There is a stack consumption vulnerability in the res_http_websocket.so module of Asterisk up to and including 13.23.0, 14.7.x up to and including 14.7.7, and 15.x up to and including 15.6.0 and Certified Asterisk up to and including 13.21-cert2. It allows an malicious user to cr...
Digium Asterisk
Digium Certified Asterisk 13.13
Digium Certified Asterisk 13.1
Digium Certified Asterisk 11.6
Digium Certified Asterisk 13.21
Digium Certified Asterisk 13.8
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2018-12227
An issue exists in Asterisk Open Source 13.x prior to 13.21.1, 14.x prior to 14.7.7, and 15.x prior to 15.4.1 and Certified Asterisk 13.18-cert prior to 13.18-cert4 and 13.21-cert prior to 13.21-cert2. When endpoint specific ACL rules block a SIP request, they respond with a 403 ...
Digium Asterisk
Digium Certified Asterisk 13.21
Digium Certified Asterisk 13.18
Debian Debian Linux 9.0
5
CVSSv2
CVE-2018-7284
A Buffer Overflow issue exists in Asterisk up to and including 13.19.1, 14.x up to and including 14.7.5, and 15.x up to and including 15.2.1, and Certified Asterisk up to and including 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accept...
Digium Asterisk
Digium Certified Asterisk 13.18
Digium Certified Asterisk
Debian Debian Linux 9.0
1 EDB exploit
1 Github repository
4
CVSSv2
CVE-2018-7286
An issue exists in Asterisk up to and including 13.19.1, 14.x up to and including 14.7.5, and 15.x up to and including 15.2.1, and Certified Asterisk up to and including 13.18-cert2. res_pjsip allows remote authenticated users to crash Asterisk (segmentation fault) by sending a n...
Digium Asterisk
Digium Asterisk 13.19.1
Digium Certified Asterisk
Debian Debian Linux 9.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »