Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digium certified asterisk vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2022-26651
An issue exists in Asterisk up to and including 19.x and Certified Asterisk up to and including 16.8-cert13. The func_odbc module provides possibly inadequate escaping functionality for backslash characters in SQL queries, resulting in user-provided data creating a broken SQL que...
Digium Certified Asterisk 16.8
Digium Asterisk
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.8
CVSSv2
CVE-2019-18790
An issue exists in channels/chan_sip.c in Sangoma Asterisk 13.x prior to 13.29.2, 16.x prior to 16.6.2, and 17.x prior to 17.0.1, and Certified Asterisk 13.21 before cert5. A SIP request can be sent to Asterisk that can change a SIP peer's IP address. A REGISTER does not nee...
Digium Certified Asterisk 13.21.0
Digium Asterisk
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2017-14099
In res/res_rtp_asterisk.c in Asterisk 11.x prior to 11.25.2, 13.x prior to 13.17.1, and 14.x prior to 14.6.1 and Certified Asterisk 11.x prior to 11.6-cert17 and 13.x prior to 13.13-cert5, unauthorized data disclosure (media takeover in the RTP stack) is possible with careful tim...
Digium Asterisk 13.16.0
Digium Asterisk 13.14.0
Digium Asterisk 13.0.1
Digium Asterisk 13.0.2
Digium Asterisk 13.1.0
Digium Asterisk 13.3.0
Digium Asterisk 13.3.2
Digium Asterisk 13.7.0
Digium Asterisk 13.7.1
Digium Asterisk 13.10.0
Digium Asterisk 13.12.2
Digium Asterisk 13.13
Digium Asterisk 13.17.0
Digium Asterisk 13.15.0
Digium Asterisk 13.0.0
Digium Asterisk 13.2.0
Digium Asterisk 13.2.1
Digium Asterisk 13.6.0
Digium Asterisk 13.8.2
Digium Asterisk 13.9.0
Digium Asterisk 13.9.1
Digium Asterisk 13.12.0
7.5
CVSSv2
CVE-2017-14100
In Asterisk 11.x prior to 11.25.2, 13.x prior to 13.17.1, and 14.x prior to 14.6.1 and Certified Asterisk 11.x prior to 11.6-cert17 and 13.x prior to 13.13-cert5, unauthorized command execution is possible. The app_minivm module has an "externnotify" program configurati...
Digium Asterisk 13.15.0
Digium Asterisk 13.13.1
Digium Asterisk 13.0.0
Digium Asterisk 13.1.0
Digium Asterisk 13.4.0
Digium Asterisk 13.5.0
Digium Asterisk 13.8.0
Digium Asterisk 13.11.0
Digium Asterisk 13.11.1
Digium Asterisk 13.16.0
Digium Asterisk 13.15.1
Digium Asterisk 13.14.0
Digium Asterisk 13.0.2
Digium Asterisk 13.3.2
Digium Asterisk 13.7.1
Digium Asterisk 13.7.2
Digium Asterisk 13.10.0
Digium Asterisk 13.13
Digium Asterisk 13.13.0
Digium Asterisk 13.17.0
Digium Asterisk 13.0.1
Digium Asterisk 13.2.0
5
CVSSv2
CVE-2017-14603
In Asterisk 11.x prior to 11.25.3, 13.x prior to 13.17.2, and 14.x prior to 14.6.2 and Certified Asterisk 11.x prior to 11.6-cert18 and 13.x prior to 13.13-cert6, insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the "nat&qu...
Digium Asterisk 13.0.2
Digium Asterisk 13.1.0
Digium Asterisk 13.1.1
Digium Asterisk 13.7.1
Digium Asterisk 13.7.2
Digium Asterisk 13.8.0
Digium Asterisk 13.13
Digium Asterisk 13.13.0
Digium Asterisk 13.13.1
Digium Asterisk 13.14.0
Digium Asterisk 13.0.0
Digium Asterisk 13.3.2
Digium Asterisk 13.4.0
Digium Asterisk 13.5.0
Digium Asterisk 13.10.0
Digium Asterisk 13.11.0
Digium Asterisk 13.11.1
Digium Asterisk 13.11.2
Digium Asterisk 13.15.0
Digium Asterisk 13.0.1
Digium Asterisk 13.2.0
Digium Asterisk 13.3.0
6.5
CVSSv2
CVE-2017-7617
Remote code execution can occur in Asterisk Open Source 13.x prior to 13.14.1 and 14.x prior to 14.3.1 and Certified Asterisk 13.13 prior to 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chan_sip, the CDR dialplan function, and the AMI M...
Digium Asterisk 14.3.0
Digium Asterisk 13.10.0
Digium Asterisk 14.0
Digium Asterisk 14.0.0
Digium Asterisk 13.11.0
Digium Asterisk 13.11.1
Digium Asterisk 13.11.2
Digium Asterisk 13.5.0
Digium Asterisk 13.6.0
Digium Asterisk 13.7.0
Digium Asterisk 13.0.0
Digium Asterisk 13.0.1
Digium Asterisk 13.0.2
Digium Asterisk 14.0.2
Digium Asterisk 14.01
Digium Asterisk 14.02
Digium Asterisk 14.1
Digium Asterisk 14.1.0
Digium Asterisk 13.13
Digium Asterisk 13.13.0
Digium Asterisk 13.2.0
Digium Asterisk 13.8.0
4
CVSSv2
CVE-2012-3812
Double free vulnerability in apps/app_voicemail.c in Asterisk Open Source 1.8.x prior to 1.8.13.1 and 10.x prior to 10.5.2, Certified Asterisk 1.8.11-certx prior to 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones prior to 10.5.2-digiumphones allows remote authenticate...
Digium Asterisk 1.8.0
Digium Asterisk 1.8.1.2
Digium Asterisk 1.8.2
Digium Asterisk 1.8.2.4
Digium Asterisk 1.8.3.2
Digium Asterisk 1.8.4
Digium Asterisk 1.8.4.4
Digium Asterisk 1.8.5
Digium Asterisk 1.8.5.0
Digium Asterisk 1.8.7.0
Digium Asterisk 1.8.8.0
Digium Asterisk 1.8.8.1
Digium Asterisk 1.8.9.0
Digium Certified Asterisk 1.8.11
Digium Asterisk 1.8.13.0
Digium Asterisk 1.8.1.1
Digium Asterisk 1.8.1
Digium Asterisk 1.8.3.3
Digium Asterisk 1.8.3
Digium Asterisk 1.8.6.0
Digium Asterisk 1.8.7.1
Digium Asterisk 1.8.8.2
2.6
CVSSv2
CVE-2012-2947
chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert prior to 1.8.11-cert2 and Asterisk Open Source 1.8.x prior to 1.8.12.1 and 10.x prior to 10.4.1, when a certain mohinterpret setting is enabled, allows remote malicious users to cause a denial of service (da...
Debian Debian Linux 6.0
Digium Asterisk 1.8.0
Digium Asterisk 1.8.3
Digium Asterisk 1.8.3.1
Digium Asterisk 1.8.3.2
Digium Asterisk 1.8.6.0
Digium Asterisk 1.8.7.0
Digium Asterisk 1.8.9.0
Digium Asterisk 1.8.9.2
Digium Asterisk 1.8.9.3
Digium Asterisk 1.8.10.0
Digium Asterisk 1.8.12.0
Digium Asterisk 1.8.8.0
Digium Asterisk 1.8.9.1
Digium Asterisk 1.8.1
Digium Asterisk 1.8.1.1
Digium Asterisk 1.8.2.3
Digium Asterisk 1.8.4
Digium Asterisk 1.8.5
Digium Asterisk 1.8.7.1
Digium Asterisk 1.8.8.2
Digium Asterisk 1.8.11.1
4
CVSSv2
CVE-2012-3863
channels/chan_sip.c in Asterisk Open Source 1.8.x prior to 1.8.13.1 and 10.x prior to 10.5.2, Asterisk Business Edition C.3.x before C.3.7.5, Certified Asterisk 1.8.11-certx prior to 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones prior to 10.5.2-digiumphones does not...
Digium Asterisk Business Edition C.3.1
Digium Asterisk Business Edition C.3.7.4
Digium Asterisk Business Edition C.3.3
Digium Asterisk 1.8.0
Digium Asterisk 1.8.1
Digium Asterisk 1.8.2.3
Digium Asterisk 1.8.3
Digium Asterisk 1.8.4.1
Digium Asterisk 1.8.4.2
Digium Asterisk 1.8.6.0
Digium Asterisk 1.8.8.0
Digium Asterisk 1.8.9.2
Digium Asterisk 1.8.9.0
Digium Asterisk 1.8.11.0
Digium Asterisk 1.8.11.1
Digium Asterisk 1.8.1.2
Digium Asterisk 1.8.1.1
Digium Asterisk 1.8.3.2
Digium Asterisk 1.8.4
Digium Asterisk 1.8.7.0
Digium Asterisk 1.8.7.1
Digium Certified Asterisk 1.8.11
6
CVSSv2
CVE-2012-4737
channels/chan_iax2.c in Asterisk Open Source 1.8.x prior to 1.8.15.1 and 10.x prior to 10.7.1, Certified Asterisk 1.8.11 prior to 1.8.11-cert7, Asterisk Digiumphones 10.x.x-digiumphones prior to 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 does not enfo...
Digium Asterisk 1.8.10.1
Digium Asterisk 1.8.10.0
Digium Asterisk 1.8.9.0
Digium Asterisk 1.8.9.2
Digium Asterisk 1.8.8.0
Digium Asterisk 1.8.8.1
Digium Asterisk 1.8.12.0
Digium Asterisk 1.8.0
Digium Asterisk 1.8.3
Digium Asterisk 1.8.3.1
Digium Asterisk 1.8.6.0
Digium Asterisk 1.8.7.0
Digium Asterisk 1.8.14.0
Digium Asterisk 1.8.14.1
Digium Asterisk 1.8.11.0
Digium Asterisk 1.8.9.3
Digium Asterisk 1.8.8.2
Digium Asterisk 1.8.12
Digium Asterisk 1.8.9.1
Digium Asterisk 1.8.1.1
Digium Asterisk 1.8.4.1
Digium Asterisk 1.8.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »