Vulnerabilities > Digium > Certified Asterisk > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-15 | CVE-2022-26651 | SQL Injection vulnerability in multiple products An issue was discovered in Asterisk through 19.x and Certified Asterisk through 16.8-cert13. | 9.8 |
| 2017-09-02 | CVE-2017-14100 | OS Command Injection vulnerability in Digium Asterisk In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized command execution is possible. | 9.8 |