Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digium asterisk vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2014-8417
ConfBridge in Asterisk 11.x prior to 11.14.1, 12.x prior to 12.7.1, and 13.x prior to 13.0.1 and Certified Asterisk 11.6 prior to 11.6-cert8 allows remote authenticated users to (1) gain privileges via vectors related to an external protocol to the CONFBRIDGE dialplan function or...
Digium Asterisk
Digium Certified Asterisk 11.6.0
Digium Certified Asterisk 11.6
9
CVSSv2
CVE-2014-8418
The DB dialplan function in Asterisk Open Source 1.8.x prior to 1.8.32, 11.x prior to 11.1.4.1, 12.x prior to 12.7.1, and 13.x prior to 13.0.1 and Certified Asterisk 1.8 prior to 1.8.28-cert8 and 11.6 prior to 11.6-cert8 allows remote authenticated users to gain privileges via a ...
Digium Certified Asterisk 1.8.28
Digium Certified Asterisk 11.6.0
Digium Certified Asterisk 11.6
Digium Asterisk
4.3
CVSSv2
CVE-2014-4045
The Publish/Subscribe Framework in the PJSIP channel driver in Asterisk Open Source 12.x prior to 12.3.1, when sub_min_expiry is set to zero, allows remote malicious users to cause a denial of service (assertion failure and crash) via an unsubscribe request when not subscribed to...
Digium Asterisk 12.2.0
Digium Asterisk 12.0.0
Digium Asterisk 12.1.0
Digium Asterisk 12.1.1
Digium Asterisk 12.3.0
6.5
CVSSv2
CVE-2014-4046
Asterisk Open Source 11.x prior to 11.10.1 and 12.x prior to 12.3.1 and Certified Asterisk 11.6 prior to 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action.
Digium Asterisk 11.9.0
Digium Asterisk 11.0.0
Digium Asterisk 11.1.2
Digium Asterisk 11.2.0
Digium Asterisk 11.4.0
Digium Asterisk 11.5.0
Digium Asterisk 11.8.0
Digium Asterisk 11.8.1
Digium Asterisk 11.0.1
Digium Asterisk 11.3.0
Digium Asterisk 11.1.0
Digium Asterisk 11.1.1
Digium Asterisk 11.10.0
Digium Asterisk 11.0.2
Digium Asterisk 11.5.1
Digium Asterisk 12.2.0
Digium Asterisk 12.0.0
Digium Asterisk 12.3.0
Digium Asterisk 12.1.0
Digium Asterisk 12.1.1
Digium Certified Asterisk 11.6
Digium Certified Asterisk 11.6.0
5
CVSSv2
CVE-2014-4047
Asterisk Open Source 1.8.x prior to 1.8.28.1, 11.x prior to 11.10.1, and 12.x prior to 12.3.1 and Certified Asterisk 1.8.15 prior to 1.8.15-cert6 and 11.6 prior to 11.6-cert3 allows remote malicious users to cause a denial of service (connection consumption) via a large number of...
Digium Certified Asterisk 1.8.15
Digium Asterisk 1.8.28.0
Digium Asterisk 1.8.27.0
Digium Asterisk 1.8.0
Digium Asterisk 1.8.1.2
Digium Asterisk 1.8.10.0
Digium Asterisk 1.8.11.0
Digium Asterisk 1.8.12
Digium Asterisk 1.8.12.0
Digium Asterisk 1.8.13.0
Digium Asterisk 1.8.14.1
Digium Asterisk 1.8.16.0
Digium Asterisk 1.8.18.0
Digium Asterisk 1.8.2
Digium Asterisk 1.8.2.1
Digium Asterisk 1.8.20.0
Digium Asterisk 1.8.20.1
Digium Asterisk 1.8.22.0
Digium Asterisk 1.8.24.0
Digium Asterisk 1.8.3
Digium Asterisk 1.8.4
Digium Asterisk 1.8.5
4.3
CVSSv2
CVE-2014-4048
The PJSIP Channel Driver in Asterisk Open Source prior to 12.3.1 allows remote malicious users to cause a denial of service (deadlock) by terminating a subscription request before it is complete, which triggers a SIP transaction timeout.
Digium Asterisk 12.2.0
Digium Asterisk 12.0.0
Digium Asterisk 12.3.0
Digium Asterisk 12.1.0
Digium Asterisk
Digium Asterisk 12.1.1
3.5
CVSSv2
CVE-2014-2287
channels/chan_sip.c in Asterisk Open Source 1.8.x prior to 1.8.26.1, 11.8.x prior to 11.8.1, and 12.1.x prior to 12.1.1, and Certified Asterisk 1.8.15 prior to 1.8.15-cert5 and 11.6 prior to 11.6-cert2, when chan_sip has a certain configuration, allows remote authenticated users ...
Digium Certified Asterisk 11.6.0
Digium Certified Asterisk 1.8.15
Digium Certified Asterisk 1.8.12.0
Digium Certified Asterisk 1.8.10.0
Digium Certified Asterisk 1.8.8.0
Digium Certified Asterisk 1.8.6.0
Digium Certified Asterisk 1.8.4.0
Digium Certified Asterisk 1.8.3.0
Digium Certified Asterisk 1.8.1.0
Digium Certified Asterisk 1.8.0.0
Digium Certified Asterisk 11.6
Digium Certified Asterisk 1.8.14.0
Digium Certified Asterisk 1.8.13.0
Digium Certified Asterisk 1.8.9.0
Digium Certified Asterisk 1.8.5.0
Digium Certified Asterisk 1.8.11.0
Digium Certified Asterisk 1.8.7.0
Digium Certified Asterisk 1.8.2.0
Digium Asterisk 12.1.0
Digium Asterisk 1.8.25.0
Digium Asterisk 1.8.24.1
Digium Asterisk 1.8.23.0
3.5
CVSSv2
CVE-2014-2289
res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk Open Source 12.x prior to 12.1.0 allows remote authenticated users to cause a denial of service (crash) via a SUBSCRIBE request without any Accept headers, which triggers an invalid pointer dereference.
Digium Asterisk 12.1.0
Digium Asterisk 12.0.0
7.5
CVSSv2
CVE-2014-2286
main/http.c in Asterisk Open Source 1.8.x prior to 1.8.26.1, 11.8.x prior to 11.8.1, and 12.1.x prior to 12.1.1, and Certified Asterisk 1.8.x prior to 1.8.15-cert5 and 11.6 prior to 11.6-cert2, allows remote malicious users to cause a denial of service (stack consumption) and pos...
Digium Asterisk 12.1.0
Digium Asterisk 1.8.26.0
Digium Asterisk 1.8.25.0
Digium Asterisk 1.8.22.0
Digium Asterisk 1.8.21.0
Digium Asterisk 1.8.15.0
Digium Asterisk 1.8.14.1
Digium Asterisk 1.8.14.0
Digium Asterisk 1.8.0
Digium Asterisk 1.8.10.0
Digium Asterisk 1.8.10.1
Digium Asterisk 1.8.11.0
Digium Asterisk 1.8.15.1
Digium Asterisk 1.8.19.0
Digium Asterisk 1.8.19.1
Digium Asterisk 1.8.2
Digium Asterisk 1.8.2.1
Digium Asterisk 1.8.4
Digium Asterisk 1.8.4.1
Digium Asterisk 1.8.4.2
Digium Asterisk 1.8.8.0
Fedoraproject Fedora 19
4.3
CVSSv2
CVE-2014-2288
The PJSIP channel driver in Asterisk Open Source 12.x prior to 12.1.1, when qualify_frequency "is enabled on an AOR and the remote SIP server challenges for authentication of the resulting OPTIONS request," allows remote malicious users to cause a denial of service (cra...
Digium Asterisk 12.1.0
Digium Asterisk 12.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »