Vulnerabilities > Freeswitch > Freeswitch > 1.6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-27 | CVE-2023-51443 | Improper Check or Handling of Exceptional Conditions vulnerability in Freeswitch FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. | 5.9 |
| 2023-09-15 | CVE-2023-40018 | Out-of-bounds Write vulnerability in Freeswitch FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. | 7.5 |
| 2023-09-15 | CVE-2023-40019 | Allocation of Resources Without Limits or Throttling vulnerability in Freeswitch FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. | 6.5 |
| 2021-10-26 | CVE-2021-41157 | Missing Authentication for Critical Function vulnerability in Freeswitch FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. | 5.0 |
| 2021-10-26 | CVE-2021-41158 | Origin Validation Error vulnerability in Freeswitch FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. | 7.5 |
| 2021-10-25 | CVE-2021-41105 | Unspecified vulnerability in Freeswitch FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. | 5.0 |
| 2021-10-25 | CVE-2021-41145 | Memory Leak vulnerability in Freeswitch FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. | 5.0 |
| 2021-10-25 | CVE-2021-37624 | Missing Authentication for Critical Function vulnerability in Freeswitch FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. | 7.5 |
| 2018-12-06 | CVE-2018-19911 | Command Injection vulnerability in Freeswitch FreeSWITCH through 1.8.2, when mod_xml_rpc is enabled, allows remote attackers to execute arbitrary commands via the api/system or txtapi/system (or api/bg_system or txtapi/bg_system) query string on TCP port 8080, as demonstrated by an api/system?calc URI. | 7.6 |
| 2015-10-05 | CVE-2015-7392 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freeswitch 1.2/1.6.0 Heap-based buffer overflow in the parse_string function in libs/esl/src/esl_json.c in FreeSWITCH before 1.4.23 and 1.6.x before 1.6.2 allows remote attackers to execute arbitrary code via a trailing \u in a json string to cJSON_Parse. | 7.5 |