Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asterisk asterisk a vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2007-2488
The IAX2 channel driver (chan_iax2) in Asterisk prior to 20070504 does not properly null terminate data, which allows remote malicious users to trigger loss of transmitted data, and possibly obtain sensitive information (memory contents) or cause a denial of service (application ...
Asterisk Asterisk
5
CVSSv2
CVE-2018-19278
Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x prior to 15.6.2 and 16.x prior to 16.0.1 allows remote malicious users to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actua...
Digium Asterisk 15.6.0
Digium Asterisk 15.5.0
Digium Asterisk 15.4.0
Digium Asterisk 15.2.1
Digium Asterisk 15.1.4
Digium Asterisk 15.1.2
Digium Asterisk 15.3.0
Digium Asterisk 15.1.0
Digium Asterisk 15.0.0
Digium Asterisk 16.0.1
Digium Asterisk 16.0.0
Digium Asterisk 15.2.2
Digium Asterisk 15.2.0
Digium Asterisk 15.1.5
Digium Asterisk 15.6.1
Digium Asterisk 15.4.1
Digium Asterisk 15.1.3
1 Github repository
4.3
CVSSv2
CVE-2008-2119
Asterisk Open Source 1.0.x and 1.2.x prior to 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing (aka pedanticsipchecking) is enabled, allows remote malicious users to cause a denial of service (daemon crash) via a SIP INVITE message that lacks a Fr...
Asterisk Asterisk Business Edition B.2.2.1
Asterisk Asterisk Business Edition B.2.3.1
Asterisk Open Source 1.0.0
Asterisk Open Source 1.0.1
Asterisk Open Source 1.0.5
Asterisk Open Source 1.0.6
Asterisk Open Source 1.2.10
Asterisk Open Source 1.2.11
Asterisk Open Source 1.2.17
Asterisk Open Source 1.2.18
Asterisk Open Source 1.2.23
Asterisk Open Source 1.2.24
Asterisk Asterisk Business Edition B.1.3.2
Asterisk Asterisk Business Edition B.1.3.3
Asterisk Asterisk Business Edition B.2.2.0
Asterisk Asterisk Business Edition B2.5.1
Asterisk Open Source 1.0
Asterisk Open Source 1.0.3
Asterisk Open Source 1.0.4
Asterisk Open Source 1.2.0beta1
Asterisk Open Source 1.2.0beta2
Asterisk Open Source 1.2.1
1 EDB exploit
7.5
CVSSv2
CVE-2006-4345
Stack-based buffer overflow in channels/chan_mgcp.c in MGCP in Asterisk 1.0 up to and including 1.2.10 allows remote malicious users to execute arbitrary code via a crafted audit endpoint (AUEP) response.
Digium Asterisk 1.0.5
Digium Asterisk 1.0.6
Digium Asterisk 1.2.0 Beta2
Digium Asterisk 1.2.10
Digium Asterisk 1.0.10
Digium Asterisk 1.0.2
Digium Asterisk 1.0.9
Digium Asterisk 1.0 Rc1
Digium Asterisk 1.2.8
Digium Asterisk 1.0.0
Digium Asterisk 1.0.1
Digium Asterisk 1.0.7
Digium Asterisk 1.0.8
Digium Asterisk 1.2.6
Digium Asterisk 1.2.7
Digium Asterisk 1.2.9
Digium Asterisk 1.0.3
Digium Asterisk 1.0.4
Digium Asterisk 1.0 Rc2
Digium Asterisk 1.2.0 Beta1
4
CVSSv2
CVE-2014-6610
Asterisk Open Source 11.x prior to 11.12.1 and 12.x prior to 12.5.1 and Certified Asterisk 11.6 prior to 11.6-cert6, when using the res_fax_spandsp module, allows remote authenticated users to cause a denial of service (crash) via an out of call message, which is not properly han...
Digium Certified Asterisk 11.6.0
Digium Certified Asterisk 11.6
Digium Asterisk 12.5.0
Digium Asterisk 12.4.0
Digium Asterisk 12.0.0
Digium Asterisk 11.12.0
Digium Asterisk 11.11.0
Digium Asterisk 11.6.0
Digium Asterisk 11.5.0
Digium Asterisk 11.1.0
Digium Asterisk 11.0.0
Digium Asterisk 12.2.0
Digium Asterisk 11.9.0
Digium Asterisk 11.8.0
Digium Asterisk 11.4.0
Digium Asterisk 11.3.0
Digium Asterisk 12.3.0
Digium Asterisk 12.1.0
Digium Asterisk 11.10.0
Digium Asterisk 11.7.0
Digium Asterisk 11.2.0
6.5
CVSSv2
CVE-2014-4046
Asterisk Open Source 11.x prior to 11.10.1 and 12.x prior to 12.3.1 and Certified Asterisk 11.6 prior to 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action.
Digium Asterisk 11.9.0
Digium Asterisk 11.0.0
Digium Asterisk 11.1.2
Digium Asterisk 11.2.0
Digium Asterisk 11.4.0
Digium Asterisk 11.5.0
Digium Asterisk 11.8.0
Digium Asterisk 11.8.1
Digium Asterisk 11.0.1
Digium Asterisk 11.3.0
Digium Asterisk 11.1.0
Digium Asterisk 11.1.1
Digium Asterisk 11.10.0
Digium Asterisk 11.0.2
Digium Asterisk 11.5.1
Digium Asterisk 12.2.0
Digium Asterisk 12.0.0
Digium Asterisk 12.3.0
Digium Asterisk 12.1.0
Digium Asterisk 12.1.1
Digium Certified Asterisk 11.6
Digium Certified Asterisk 11.6.0
5
CVSSv2
CVE-2011-2216
reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8.x prior to 1.8.4.2 does not initialize certain strings, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed Contact header.
Digium Asterisk 1.8.1
Digium Asterisk 1.8.0
Digium Asterisk 1.8.3
Digium Asterisk 1.8.3.1
Digium Asterisk 1.8.4
Digium Asterisk 1.8.2.3
Digium Asterisk 1.8.2.2
Digium Asterisk 1.8.2.1
Digium Asterisk 1.8.2
Digium Asterisk 1.8.3.2
Digium Asterisk 1.8.2.4
Digium Asterisk 1.8.4.1
Digium Asterisk 1.8.1.2
Digium Asterisk 1.8.1.1
Digium Asterisk 1.8.3.3
5
CVSSv2
CVE-2011-2665
reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8.x prior to 1.8.4.3 allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a SIP packet with a Contact header that lacks a < (less than) character.
Digium Asterisk 1.8.4
Digium Asterisk 1.8.1
Digium Asterisk 1.8.0
Digium Asterisk 1.8.1.1
Digium Asterisk 1.8.2.3
Digium Asterisk 1.8.3
Digium Asterisk 1.8.3.2
Digium Asterisk 1.8.2.2
Digium Asterisk 1.8.2.1
Digium Asterisk 1.8.3.1
Digium Asterisk 1.8.2.4
Digium Asterisk 1.8.4.1
Digium Asterisk 1.8.3.3
Digium Asterisk 1.8.2
Digium Asterisk 1.8.1.2
Digium Asterisk 1.8.4.2
5
CVSSv2
CVE-2013-5641
The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source 1.8.17.x up to and including 1.8.22.x, 1.8.23.x prior to 1.8.23.1, and 11.x prior to 11.5.1 and Certified Asterisk 1.8.15 prior to 1.8.15-cert3 and 11.2 prior to 11.2-cert2 allows remote malicious users to cause...
Digium Certified Asterisk 1.8.15
Digium Asterisk 11.4.0
Digium Asterisk 11.0.0
Digium Asterisk 11.1.0
Digium Asterisk 1.8.20.0
Digium Asterisk 1.8.17.0
Digium Asterisk 1.8.19.0
Digium Asterisk 1.8.19.1
Digium Certified Asterisk 11.2.0
Digium Asterisk 11.5.0
Digium Asterisk 11.0.1
Digium Asterisk 11.2.0
Digium Asterisk 1.8.23.0
Digium Asterisk 1.8.22.0
Digium Asterisk 1.8.18.0
Digium Asterisk 1.8.18.1
Digium Asterisk 11.3.0
Digium Asterisk 11.5.1
Digium Asterisk 11.0.2
Digium Asterisk 11.1.1
Digium Asterisk 11.1.2
Digium Asterisk 1.8.21.0
5
CVSSv2
CVE-2013-2686
main/http.c in the HTTP server in Asterisk Open Source 1.8.x prior to 1.8.20.2, 10.x prior to 10.12.2, and 11.x prior to 11.2.2; Certified Asterisk 1.8.15 prior to 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones prior to 10.12.2-digiumphones does not properly restrict C...
Asterisk Open Source 1.8.0
Asterisk Open Source 1.8.3
Asterisk Open Source 1.8.6.0
Asterisk Open Source 1.8.8.2
Asterisk Open Source 1.8.9.0
Asterisk Open Source 1.8.11.1
Asterisk Open Source 1.8.12.0
Asterisk Open Source 1.8.15.1
Asterisk Open Source 1.8.16.0
Asterisk Open Source 1.8.20.0
Asterisk Open Source 1.8.20.1
Asterisk Open Source 1.8.1.1
Asterisk Open Source 1.8.1.2
Asterisk Open Source 1.8.2
Asterisk Open Source 1.8.4
Asterisk Open Source 1.8.4.1
Asterisk Open Source 1.8.4.2
Asterisk Open Source 1.8.7.2
Asterisk Open Source 1.8.8.0
Asterisk Open Source 1.8.10.0
Asterisk Open Source 1.8.13.0
Asterisk Open Source 1.8.13.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »