Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digium vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-4048
The PJSIP Channel Driver in Asterisk Open Source prior to 12.3.1 allows remote malicious users to cause a denial of service (deadlock) by terminating a subscription request before it is complete, which triggers a SIP transaction timeout.
Digium Asterisk 12.2.0
Digium Asterisk 12.0.0
Digium Asterisk 12.3.0
Digium Asterisk 12.1.0
Digium Asterisk
Digium Asterisk 12.1.1
NA
CVE-2014-6609
The res_pjsip_pubsub module in Asterisk Open Source 12.x prior to 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package.
Digium Asterisk 12.2.0
Digium Asterisk 12.1.0
Digium Asterisk 12.5.0
Digium Asterisk 12.4.0
Digium Asterisk 12.3.0
Digium Asterisk 12.0.0
6.5
CVSSv3
CVE-2021-31878
An issue exists in PJSIP in Asterisk prior to 16.19.1 and prior to 18.5.1. To exploit, a re-INVITE without SDP must be received after Asterisk has sent a BYE request.
Digium Asterisk 16.17.0
Digium Asterisk 16.18.0
Digium Asterisk 16.19.0
Digium Asterisk 18.3.0
Digium Asterisk 18.4.0
Digium Asterisk 18.5.0
NA
CVE-2014-4045
The Publish/Subscribe Framework in the PJSIP channel driver in Asterisk Open Source 12.x prior to 12.3.1, when sub_min_expiry is set to zero, allows remote malicious users to cause a denial of service (assertion failure and crash) via an unsubscribe request when not subscribed to...
Digium Asterisk 12.2.0
Digium Asterisk 12.0.0
Digium Asterisk 12.1.0
Digium Asterisk 12.1.1
Digium Asterisk 12.3.0
NA
CVE-2014-8412
The (1) VoIP channel drivers, (2) DUNDi, and (3) Asterisk Manager Interface (AMI) in Asterisk Open Source 1.8.x prior to 1.8.32.1, 11.x prior to 11.14.1, 12.x prior to 12.7.1, and 13.x prior to 13.0.1 and Certified Asterisk 1.8.28 prior to 1.8.28-cert3 and 11.6 prior to 11.6-cert...
Digium Certified Asterisk 11.6
Digium Certified Asterisk 1.8.28.0
Digium Certified Asterisk 1.8.28
Digium Certified Asterisk 11.6.0
Digium Asterisk
NA
CVE-2014-8418
The DB dialplan function in Asterisk Open Source 1.8.x prior to 1.8.32, 11.x prior to 11.1.4.1, 12.x prior to 12.7.1, and 13.x prior to 13.0.1 and Certified Asterisk 1.8 prior to 1.8.28-cert8 and 11.6 prior to 11.6-cert8 allows remote authenticated users to gain privileges via a ...
Digium Certified Asterisk 1.8.28
Digium Certified Asterisk 11.6.0
Digium Certified Asterisk 11.6
Digium Asterisk
7.5
CVSSv3
CVE-2017-17090
An issue exists in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and older, and 15.1.2 and older, and Certified Asterisk 13.13-cert7 and older. If the chan_skinny (aka SCCP protocol) channel driver is flooded with certain requests, it can cause the asterisk proc...
Digium Certified Asterisk 13.13
Digium Certified Asterisk
Digium Asterisk
1 EDB exploit
5.9
CVSSv3
CVE-2017-17664
A Remote Crash issue exists in Asterisk Open Source 13.x prior to 13.18.4, 14.x prior to 14.7.4, and 15.x prior to 15.1.4 and Certified Asterisk prior to 13.13-cert9. Certain compound RTCP packets cause a crash in the RTCP Stack.
Digium Asterisk
Digium Certified Asterisk 13.13
Digium Certified Asterisk
NA
CVE-2014-8414
ConfBridge in Asterisk 11.x prior to 11.14.1 and Certified Asterisk 11.6 prior to 11.6-cert8 does not properly handle state changes, which allows remote malicious users to cause a denial of service (channel hang and memory consumption) by causing transitions to be delayed, which ...
Digium Asterisk
Digium Certified Asterisk 11.6
Digium Certified Asterisk 11.6.0
NA
CVE-2014-8417
ConfBridge in Asterisk 11.x prior to 11.14.1, 12.x prior to 12.7.1, and 13.x prior to 13.0.1 and Certified Asterisk 11.6 prior to 11.6-cert8 allows remote authenticated users to (1) gain privileges via vectors related to an external protocol to the CONFBRIDGE dialplan function or...
Digium Asterisk
Digium Certified Asterisk 11.6.0
Digium Certified Asterisk 11.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »