Vulnerabilities > Digium > Asterisk > 16.23.0

DATE CVE VULNERABILITY TITLE RISK
2023-12-14 CVE-2023-37457 Classic Buffer Overflow vulnerability in multiple products
Asterisk is an open source private branch exchange and telephony toolkit.
network
low complexity
sangoma digium CWE-120
8.2
8.2
2023-12-14 CVE-2023-49294 Path Traversal vulnerability in multiple products
Asterisk is an open source private branch exchange and telephony toolkit.
network
low complexity
sangoma digium CWE-22
7.5
7.5
2023-12-14 CVE-2023-49786 Race Condition vulnerability in multiple products
Asterisk is an open source private branch exchange and telephony toolkit.
network
high complexity
sangoma digium CWE-362
5.9
5.9
2022-04-15 CVE-2022-26498 Resource Exhaustion vulnerability in multiple products
An issue was discovered in Asterisk through 19.x.
network
low complexity
digium debian CWE-400
7.5
7.5
2022-04-15 CVE-2022-26499 Server-Side Request Forgery (SSRF) vulnerability in multiple products
An SSRF issue was discovered in Asterisk through 19.x.
network
low complexity
digium debian CWE-918
critical
 9.1
9.1
2022-04-15 CVE-2022-26651 SQL Injection vulnerability in multiple products
An issue was discovered in Asterisk through 19.x and Certified Asterisk through 16.8-cert13.
network
low complexity
digium debian CWE-89
critical
 9.8
9.8