Vulnerabilities > Sangoma > Asterisk > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-05 | CVE-2022-37325 | Out-of-bounds Write vulnerability in Sangoma Asterisk In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a malformed Calling or Called Party IE can cause a crash. | 7.5 |
| 2019-10-29 | CVE-2009-3723 | Incorrect Authorization vulnerability in multiple products asterisk allows calls on prohibited networks | 7.5 |
| 2017-06-02 | CVE-2017-9358 | Infinite Loop vulnerability in multiple products A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 before 13.13-cert4, which can be triggered by sending specially crafted SCCP packets causing an infinite loop and leading to memory exhaustion (by message logging in that loop). | 7.5 |