Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digium asterisk vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-46837
res_pjsip_t38 in Sangoma Asterisk 16.x prior to 16.16.2, 17.x prior to 17.9.3, and 18.x prior to 18.2.2, and Certified Asterisk prior to 16.8-cert7, allows an malicious user to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by...
Asterisk Certified Asterisk 16.8.0
Digium Asterisk
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.5
CVSSv3
CVE-2021-31878
An issue exists in PJSIP in Asterisk prior to 16.19.1 and prior to 18.5.1. To exploit, a re-INVITE without SDP must be received after Asterisk has sent a BYE request.
Digium Asterisk 18.3.0
Digium Asterisk 18.4.0
Digium Asterisk 16.17.0
Digium Asterisk 16.18.0
Digium Asterisk 16.19.0
Digium Asterisk 18.5.0
6.5
CVSSv3
CVE-2021-26713
A stack-based buffer overflow in res_rtp_asterisk.c in Sangoma Asterisk prior to 16.16.1, 17.x prior to 17.9.2, and 18.x prior to 18.2.1 and Certified Asterisk prior to 16.8-cert6 allows an authenticated WebRTC client to cause an Asterisk crash by sending multiple hold/unhold req...
Digium Certified Asterisk 16.8
Digium Asterisk
6.5
CVSSv3
CVE-2020-35776
A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote malicious user to crash Asterisk by deliberately misusing SIP 181 responses.
Digium Asterisk
6.5
CVSSv3
CVE-2020-35652
An issue exists in res_pjsip_diversion.c in Sangoma Asterisk prior to 13.38.0, 14.x up to and including 16.x prior to 16.15.0, 17.x prior to 17.9.0, and 18.x prior to 18.1.0. A crash can occur when a SIP message is received with a History-Info header that contains a tel-uri, or w...
Digium Asterisk
6.5
CVSSv3
CVE-2019-18790
An issue exists in channels/chan_sip.c in Sangoma Asterisk 13.x prior to 13.29.2, 16.x prior to 16.6.2, and 17.x prior to 17.0.1, and Certified Asterisk 13.21 before cert5. A SIP request can be sent to Asterisk that can change a SIP peer's IP address. A REGISTER does not nee...
Digium Certified Asterisk 13.21.0
Digium Asterisk
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2019-15297
res_pjsip_t38 in Sangoma Asterisk 15.x prior to 15.7.4 and 16.x prior to 16.5.1 allows an malicious user to trigger a crash by sending a declined stream in a response to a T.38 re-invite initiated by Asterisk. The crash occurs because of a NULL session media object dereference.
Digium Asterisk
6.5
CVSSv3
CVE-2019-12827
Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and previous versions allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message.
Digium Certified Asterisk 13.21
Digium Asterisk
6.5
CVSSv3
CVE-2019-7251
An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and previous versions and 16.1.1 and previous versions allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation.
Digium Asterisk
6.5
CVSSv3
CVE-2018-7286
An issue exists in Asterisk up to and including 13.19.1, 14.x up to and including 14.7.5, and 15.x up to and including 15.2.1, and Certified Asterisk up to and including 13.18-cert2. res_pjsip allows remote authenticated users to crash Asterisk (segmentation fault) by sending a n...
Digium Asterisk
Digium Asterisk 13.19.1
Digium Certified Asterisk
Debian Debian Linux 9.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »