Vulnerabilities > Digium > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-14 | CVE-2023-37457 | Classic Buffer Overflow vulnerability in multiple products Asterisk is an open source private branch exchange and telephony toolkit. | 8.2 |
2023-12-14 | CVE-2023-49294 | Asterisk is an open source private branch exchange and telephony toolkit. | 7.5 |
2022-04-15 | CVE-2022-26498 | Resource Exhaustion vulnerability in multiple products An issue was discovered in Asterisk through 19.x. | 7.5 |
2021-07-30 | CVE-2021-32558 | Injection vulnerability in multiple products An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10. | 7.5 |
2021-02-18 | CVE-2021-26712 | Unspecified vulnerability in Digium Asterisk and Certified Asterisk Incorrect access controls in res_srtp.c in Sangoma Asterisk 13.38.1, 16.16.0, 17.9.1, and 18.2.0 and Certified Asterisk 16.8-cert5 allow a remote unauthenticated attacker to prematurely terminate secure calls by replaying SRTP packets. | 7.5 |
2021-02-18 | CVE-2021-26717 | Unspecified vulnerability in Digium Asterisk and Certified Asterisk An issue was discovered in Sangoma Asterisk 16.x before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6. | 7.5 |
2019-11-22 | CVE-2019-18610 | Missing Authorization vulnerability in multiple products An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. | 8.8 |
2019-11-22 | CVE-2019-18976 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x. | 7.5 |
2019-09-09 | CVE-2019-15639 | Improper Input Validation vulnerability in Digium Asterisk main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remote attacker to send a specific RTP packet during a call and cause a crash in a specific scenario. | 7.5 |
2019-05-23 | CVE-2016-7550 | NULL Pointer Dereference vulnerability in Digium Asterisk 13.10.0 asterisk 13.10.0 is affected by: denial of service issues in asterisk. | 7.5 |