Vulnerabilities > Digium > Certified Asterisk > 12.5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-22 | CVE-2018-7286 | An issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. | 6.5 |
| 2018-02-22 | CVE-2018-7284 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. | 7.5 |
| 2017-12-13 | CVE-2017-17664 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Digium Asterisk A Remote Crash issue was discovered in Asterisk Open Source 13.x before 13.18.4, 14.x before 14.7.4, and 15.x before 15.1.4 and Certified Asterisk before 13.13-cert9. | 5.9 |
| 2017-12-02 | CVE-2017-17090 | Incomplete Cleanup vulnerability in Digium Certified Asterisk An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and older, and 15.1.2 and older, and Certified Asterisk 13.13-cert7 and older. | 7.5 |
| 2017-04-10 | CVE-2017-7617 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Digium Asterisk Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chan_sip, the CDR dialplan function, and the AMI Monitor action. | 8.8 |