Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asterisk certified asterisk vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-26717
An issue exists in Sangoma Asterisk 16.x prior to 16.16.1, 17.x prior to 17.9.2, and 18.x prior to 18.2.1 and Certified Asterisk prior to 16.8-cert6. When re-negotiating for T.38, if the initial remote response was delayed just enough, Asterisk would send both audio and T.38 in t...
Digium Certified Asterisk 16.8
Digium Asterisk
445
VMScore
CVE-2019-18976
An issue exists in res_pjsip_t38.c in Sangoma Asterisk up to and including 13.x and Certified Asterisk up to and including 13.21-x. If it receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a NULL pointer dereference and crash will occur. Thi...
Digium Certified Asterisk 13.21
Digium Asterisk
Debian Debian Linux 9.0
445
VMScore
CVE-2018-17281
There is a stack consumption vulnerability in the res_http_websocket.so module of Asterisk up to and including 13.23.0, 14.7.x up to and including 14.7.7, and 15.x up to and including 15.6.0 and Certified Asterisk up to and including 13.21-cert2. It allows an malicious user to cr...
Digium Asterisk
Digium Certified Asterisk 11.6
Digium Certified Asterisk 13.21
Digium Certified Asterisk 13.13
Digium Certified Asterisk 13.8
Digium Certified Asterisk 13.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
445
VMScore
CVE-2018-12227
An issue exists in Asterisk Open Source 13.x prior to 13.21.1, 14.x prior to 14.7.7, and 15.x prior to 15.4.1 and Certified Asterisk 13.18-cert prior to 13.18-cert4 and 13.21-cert prior to 13.21-cert2. When endpoint specific ACL rules block a SIP request, they respond with a 403 ...
Digium Asterisk
Digium Certified Asterisk 13.18
Digium Certified Asterisk 13.21
Debian Debian Linux 9.0
445
VMScore
CVE-2017-17850
An issue exists in Asterisk 13.18.4 and older, 14.7.4 and older, 15.1.4 and older, and 13.18-cert1 and older. A select set of SIP messages create a dialog in Asterisk. Those SIP messages must contain a contact header. For those messages, if the header was not present and the PJSI...
Digium Asterisk
Digium Certified Asterisk 13.1.0
Digium Certified Asterisk 13.8
445
VMScore
CVE-2017-14603
In Asterisk 11.x prior to 11.25.3, 13.x prior to 13.17.2, and 14.x prior to 14.6.2 and Certified Asterisk 11.x prior to 11.6-cert18 and 13.x prior to 13.13-cert6, insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the "nat&qu...
Digium Asterisk 13.1.0
Digium Asterisk 13.2.1
Digium Asterisk 13.8.0
Digium Asterisk 13.15.0
Digium Asterisk 13.7.0
Digium Asterisk 13.7.1
Digium Asterisk 13.12
Digium Asterisk 13.1.1
Digium Asterisk 13.14.0
Digium Asterisk 13.4.0
Digium Asterisk 13.17.0
Digium Asterisk 13.2.0
Digium Asterisk 13.3.2
Digium Asterisk 13.0.1
Digium Asterisk 13.10.0
Digium Asterisk 13.6.0
Digium Asterisk 13.0.0
Digium Asterisk 13.11.1
Digium Asterisk 13.13.1
Digium Asterisk 13.11.0
Digium Asterisk 13.9.0
Digium Asterisk 13.12.0
445
VMScore
CVE-2017-14099
In res/res_rtp_asterisk.c in Asterisk 11.x prior to 11.25.2, 13.x prior to 13.17.1, and 14.x prior to 14.6.1 and Certified Asterisk 11.x prior to 11.6-cert17 and 13.x prior to 13.13-cert5, unauthorized data disclosure (media takeover in the RTP stack) is possible with careful tim...
Digium Asterisk 13.1.0
Digium Asterisk 13.2.1
Digium Asterisk 13.8.0
Digium Asterisk 13.15.0
Digium Asterisk 13.7.0
Digium Asterisk 13.7.1
Digium Asterisk 13.12
Digium Asterisk 13.1.1
Digium Asterisk 13.14.0
Digium Asterisk 13.4.0
Digium Asterisk 13.17.0
Digium Asterisk 13.2.0
Digium Asterisk 13.3.2
Digium Asterisk 13.0.1
Digium Asterisk 13.10.0
Digium Asterisk 13.6.0
Digium Asterisk 13.0.0
Digium Asterisk 13.11.1
Digium Asterisk 13.13.1
Digium Asterisk 13.11.0
Digium Asterisk 13.9.0
Digium Asterisk 13.12.0
445
VMScore
CVE-2017-9372
PJSIP, as used in Asterisk Open Source 13.x prior to 13.15.1 and 14.x prior to 14.4.1, Certified Asterisk 13.13 prior to 13.13-cert4, and other products, allows remote malicious users to cause a denial of service (buffer overflow and application crash) via a SIP packet with a cra...
Digium Open Source 13.9.0
Digium Open Source 13.2.0
Digium Open Source 13.11.0
Digium Open Source 13.4.0
Digium Open Source 13.8.0
Digium Open Source 13.1.0
Digium Open Source 13.12.0
Digium Open Source 13.15.0
Digium Open Source 13.10.0
Digium Open Source 13.12.2
Digium Open Source 13.13.0
Digium Open Source 13.6.0
Digium Open Source 13.7.0
Digium Open Source 13.8.1
Digium Open Source 13.3.0
Digium Open Source 13.5.0
Digium Open Source 13.8.2
Digium Open Source 13.14.0
Digium Open Source 13.12.1
Digium Open Source 13.0.0
Digium Open Source 14.2.0
Digium Open Source 14.0.0
445
VMScore
CVE-2017-9358
A memory exhaustion vulnerability exists in Asterisk Open Source 13.x prior to 13.15.1 and 14.x prior to 14.4.1 and Certified Asterisk 13.13 prior to 13.13-cert4, which can be triggered by sending specially crafted SCCP packets causing an infinite loop and leading to memory exhau...
Asterisk Open Source 13.8.1
Asterisk Open Source 13.1.0
Asterisk Open Source 13.13.0
Asterisk Open Source 13.0.0
Asterisk Open Source 13.12.1
Asterisk Open Source 13.9.0
Asterisk Open Source 13.8.0
Asterisk Open Source 13.11.0
Asterisk Open Source 13.10.0
Asterisk Open Source 13.12.0
Asterisk Open Source 13.2.0
Asterisk Open Source 13.6.0
Asterisk Open Source 13.5.0
Asterisk Open Source 13.15.0
Asterisk Open Source 13.8.2
Asterisk Open Source 13.7.0
Asterisk Open Source 13.12.2
Asterisk Open Source 13.14.0
Asterisk Open Source 13.4.0
Asterisk Open Source 13.3.0
Asterisk Certified Asterisk 13.13.0
Asterisk Open Source 14.2.0
445
VMScore
CVE-2017-9359
The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x prior to 13.15.1 and 14.x prior to 14.4.1, Certified Asterisk 13.13 prior to 13.13-cert4, and other products, allows remote malicious users to cause a denial of service (out-of-bounds read and application c...
Digium Open Source 13.9.0
Digium Open Source 13.2.0
Digium Open Source 13.11.0
Digium Open Source 13.4.0
Digium Open Source 13.8.0
Digium Open Source 13.1.0
Digium Open Source 14.2.0
Digium Open Source 13.12.0
Digium Open Source 13.15.0
Digium Open Source 13.10.0
Digium Open Source 13.12.2
Digium Open Source 13.13.0
Digium Open Source 13.6.0
Digium Open Source 13.7.0
Digium Open Source 13.8.1
Digium Open Source 13.3.0
Digium Open Source 13.5.0
Digium Open Source 13.8.2
Digium Open Source 13.14.0
Digium Open Source 13.12.1
Digium Open Source 13.0.0
Digium Certified Asterisk 13.13.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »