Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asterisk certified asterisk vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-42705
A use-after-free in res_pjsip_pubsub.c in Sangoma Asterisk 16.28, 18.14, 19.6, and certified/18.9-cert2 may allow a remote authenticated malicious user to crash Asterisk (denial of service) by performing activity on a subscription via a reliable transport at the same time that As...
Sangoma Certified Asterisk 18.9
Sangoma Asterisk
Sangoma Asterisk 20.0.0
5.3
CVSSv3
CVE-2016-9938
An issue exists in Asterisk Open Source 11.x prior to 11.25.1, 13.x prior to 13.13.1, and 14.x prior to 14.2.1 and Certified Asterisk 11.x prior to 11.6-cert16 and 13.x prior to 13.8-cert4. The chan_sip channel driver has a liberal definition for whitespace when attempting to str...
Digium Asterisk 13.1.0
Digium Asterisk 13.2.1
Digium Asterisk 13.8.0
Digium Asterisk 11.14.0
Digium Asterisk 13.7.1
Digium Asterisk 11.2.0
Digium Asterisk 11.21.0
Digium Asterisk 11.22.0
Digium Asterisk 11.10.2
Digium Asterisk 11.0.0
Digium Asterisk 11.1.1
Digium Asterisk 13.1.1
Digium Asterisk 11.21.1
Digium Asterisk 13.4.0
Digium Asterisk 11.10.1
Digium Asterisk 11.16.0
Digium Asterisk 11.11.0
Digium Asterisk 11.12.1
Digium Asterisk 14.0.0
Digium Asterisk 11.23.0
Digium Asterisk 13.2.0
Digium Asterisk 11.0.2
5.9
CVSSv3
CVE-2021-26906
An issue exists in res_pjsip_session.c in Digium Asterisk up to and including 13.38.1; 14.x, 15.x, and 16.x up to and including 16.16.0; 17.x up to and including 17.9.1; and 18.x up to and including 18.2.0, and Certified Asterisk up to and including 16.8-cert5. An SDP negotiation...
Digium Certified Asterisk 16.8
Digium Asterisk
6.5
CVSSv3
CVE-2019-12827
Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and previous versions allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message.
Digium Certified Asterisk 13.21
Digium Asterisk
7.5
CVSSv3
CVE-2021-26717
An issue exists in Sangoma Asterisk 16.x prior to 16.16.1, 17.x prior to 17.9.2, and 18.x prior to 18.2.1 and Certified Asterisk prior to 16.8-cert6. When re-negotiating for T.38, if the initial remote response was delayed just enough, Asterisk would send both audio and T.38 in t...
Digium Certified Asterisk 16.8
Digium Asterisk
8.8
CVSSv3
CVE-2017-16671
A Buffer Overflow issue exists in Asterisk Open Source 13 prior to 13.18.1, 14 prior to 14.7.1, and 15 prior to 15.1.1 and Certified Asterisk 13.13 prior to 13.13-cert7. No size checking is done when setting the user field for Party B on a CDR. Thus, it is possible for someone to...
Digium Asterisk
Digium Certified Asterisk 13.13.0
5.9
CVSSv3
CVE-2017-16672
An issue exists in Asterisk Open Source 13 prior to 13.18.1, 14 prior to 14.7.1, and 15 prior to 15.1.1 and Certified Asterisk 13.13 prior to 13.13-cert7. A memory leak occurs when an Asterisk pjsip session object is created and that call gets rejected before the session itself i...
Digium Asterisk
Digium Certified Asterisk 13.13.0
7.5
CVSSv3
CVE-2021-26712
Incorrect access controls in res_srtp.c in Sangoma Asterisk 13.38.1, 16.16.0, 17.9.1, and 18.2.0 and Certified Asterisk 16.8-cert5 allow a remote unauthenticated malicious user to prematurely terminate secure calls by replaying SRTP packets.
Digium Certified Asterisk 16.8
Digium Asterisk
6.5
CVSSv3
CVE-2021-26713
A stack-based buffer overflow in res_rtp_asterisk.c in Sangoma Asterisk prior to 16.16.1, 17.x prior to 17.9.2, and 18.x prior to 18.2.1 and Certified Asterisk prior to 16.8-cert6 allows an authenticated WebRTC client to cause an Asterisk crash by sending multiple hold/unhold req...
Digium Certified Asterisk 16.8
Digium Asterisk
NA
CVE-2014-6610
Asterisk Open Source 11.x prior to 11.12.1 and 12.x prior to 12.5.1 and Certified Asterisk 11.6 prior to 11.6-cert6, when using the res_fax_spandsp module, allows remote authenticated users to cause a denial of service (crash) via an out of call message, which is not properly han...
Digium Certified Asterisk 11.6
Digium Certified Asterisk 11.6.0
Digium Asterisk 12.0.0
Digium Asterisk 11.3.0
Digium Asterisk 11.2.0
Digium Asterisk 11.0.0
Digium Asterisk 11.4.0
Digium Asterisk 12.3.0
Digium Asterisk 11.5.0
Digium Asterisk 11.11.0
Digium Asterisk 12.1.0
Digium Asterisk 11.9.0
Digium Asterisk 11.7.0
Digium Asterisk 11.12.0
Digium Asterisk 11.6.0
Digium Asterisk 12.4.0
Digium Asterisk 11.10.0
Digium Asterisk 11.8.0
Digium Asterisk 12.2.0
Digium Asterisk 12.5.0
Digium Asterisk 11.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »