Vulnerabilities > Digium > Asterisk > 13.28.0

DATE CVE VULNERABILITY TITLE RISK
2019-11-22 CVE-2019-18790 Missing Authorization vulnerability in multiple products
An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x before 13.29.2, 16.x before 16.6.2, and 17.x before 17.0.1, and Certified Asterisk 13.21 before cert5.
network
low complexity
digium debian CWE-862
6.5
6.5
2019-09-09 CVE-2019-15639 Improper Input Validation vulnerability in Digium Asterisk
main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remote attacker to send a specific RTP packet during a call and cause a crash in a specific scenario.
network
low complexity
digium CWE-20
7.5
7.5
2017-12-02 CVE-2017-17090 Incomplete Cleanup vulnerability in Digium Certified Asterisk
An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and older, and 15.1.2 and older, and Certified Asterisk 13.13-cert7 and older.
network
low complexity
digium CWE-459
7.5
7.5