Lucene search
K

531 matches found

CVE
CVE
added 2017/11/09 12:0 a.m.94 views

CVE-2017-16671

CVE-2017-16671 affects Asterisk Open Source 13.x (<13.18.1), 14.x (<14.7.1), 15.x (<15.1.1) and Certified Asterisk 13.13 (=13.23.1, and FreeBSD/FreeBSD-based advisories mirror the fix trajectory. If exploiting, an attacker could trigger overflow via crafted CDR updates. No exploitation s...

8.8CVSS8.5AI score0.03344EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2017/09/01 12:0 a.m.7 views

Digium Asterisk Open Source and Certified Asterisk Arbitrary Command Execution Vulnerabilities

Digium Asterisk Open Source and Certified Asterisk are both open source telephone exchange PBX system software from Digium, Inc. in the United States. The software supports voicemail, multi-party voice conferencing, and interactive voice response IVR. There are security vulnerabilities in Asteris...

9.8CVSS9.5AI score0.14907EPSS
Exploits0References1
CNVD
CNVD
added 2017/09/01 12:0 a.m.5 views

Digium Asterisk Open Source and Certified Asterisk Session Hijacking Vulnerability

Digium Asterisk Open Source and Certified Asterisk are both open source telephone exchange PBX system software from Digium, Inc. in the United States. The software supports voicemail, multi-party voice conferencing, and interactive voice response IVR. A security vulnerability exists in Asterisk...

7.5CVSS7.5AI score0.0433EPSS
Exploits0References1
Lenovo
Lenovo
added 2017/07/25 12:0 a.m.12 views

Intel® PROSet/Wireless Software Denial of Service - Lenovo Support US

No description provided...

5.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/06/29 1:57 p.m.9 views

amca.org XSS vulnerability

Vulnerable URL: http://www.amca.org/certified-listed/continent.php?ContinentCode=AS=1"...

6.9AI score
Exploits0
CNVD
CNVD
added 2017/06/05 12:0 a.m.5 views

Digium Asterisk Open Source and Certified Asterisk Denial of Service Vulnerabilities

Digium Asterisk Open Source and Certified Asterisk are both open source telephone exchange PBX system software from Digium, Inc. in the United States. The software supports voicemail, multi-party voice conferencing, and interactive voice response IVR. A denial of service vulnerability exists in...

7.5CVSS6.7AI score0.02819EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/06/02 5:29 a.m.17 views

CVE-2017-9359

The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet...

7.5CVSS7.1AI score0.03796EPSS
Exploits0References2
OSV
OSV
added 2017/06/02 5:29 a.m.13 views

CVE-2017-9358

A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 before 13.13-cert4, which can be triggered by sending specially crafted SCCP packets causing an infinite loop and leading to memory exhaustion by message loggin...

7.5CVSS6.7AI score
Exploits0References4
OpenVAS
OpenVAS
added 2017/04/18 12:0 a.m.43 views

Asterisk Open Source and Certified Asterisk RTP Resource Exhaustion DoS Vulnerability

Asterisk Open Source and Certified Asterisk are prone to a remote denial of service DoS vulnerability. This VT has been deprecated since this check is already covered in SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyrigh...

7.5CVSS7.4AI score0.05468EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/04/17 4:59 p.m.27 views

CVE-2016-7551

chainsip in Asterisk Open Source 11.x before 11.23.1 and 13.x 13.11.1 and Certified Asterisk 11.6 before 11.6-cert15 and 13.8 before 13.8-cert3 allows remote attackers to cause a denial of service port exhaustion...

7.5CVSS7.1AI score0.05468EPSS
Exploits0References2
Prion
Prion
added 2017/04/17 4:59 p.m.20 views

Code injection

chainsip in Asterisk Open Source 11.x before 11.23.1 and 13.x 13.11.1 and Certified Asterisk 11.6 before 11.6-cert15 and 13.8 before 13.8-cert3 allows remote attackers to cause a denial of service port exhaustion...

5CVSS7AI score0.05468EPSS
Exploits0References5Affected Software3
CNVD
CNVD
added 2017/04/12 12:0 a.m.6 views

Digium Asterisk Open Source and Certified Asterisk CDR Buffer Overflow Vulnerability

Digium Asterisk Open Source and Certified Asterisk are open source telephone switch PBX system software from Digium, Inc. in the United States. A buffer overflow vulnerability exists in Digium Asterisk Open Source and Certified Asterisk's handling of CDR user fields. A remote attacker could explo...

8.8CVSS9.1AI score0.06243EPSS
Exploits0References1
Wallarm Lab
Wallarm Lab
added 2017/04/06 12:51 a.m.18 views

Wallarm Teams up with NGINX Plus to Provide Advanced Security

Wallarm is excited to be a pioneer security vendor in NGINX Certified Module program and provide trusted and verified security functionality to NGINX Plus customers. “We are pleased to announce that Wallarm is now part of the NGINX Plus Certified Module program with the Wallarm Next Generation WA...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2017/03/01 12:8 a.m.17 views

THN Deal: Complete Linux Certification Training (Save 97%)

If you are also searching for the answers to what skills are needed for a job in cyber security, you should know that this varies widely based upon the responsibilities of a particular role, the type of company you want to work with, and especially on it’s IT architect. However, Linux is the most...

6.4AI score
Exploits0
Cisco Threats
Cisco Threats
added 2016/10/24 1:47 p.m.13 views

Threat Outbreak Alert RuleID25821: Email Messages Distributing Malicious Software on October 24, 2016

Medium Alert ID: 49400 First Published: 2016 October 24 13:47 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID25821 may contain the following files: Name |...

0.3AI score
Exploits0
OpenVAS
OpenVAS
added 2016/09/12 12:0 a.m.31 views

Asterisk RTP Resource Exhaustion Vulnerability (AST-2016-007)

Asterisk is prone to a RTP resource exhaustion vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:digium:asterisk"; i...

7.5CVSS7.4AI score0.05468EPSS
Exploits0References2
myhack58
myhack58
added 2016/08/07 12:0 a.m.161 views

More than 6 0 Non-disclosure vulnerability 2 2 a home router(SOHU router)-vulnerability warning-the black bar safety net

! The affected router list as follows: 1. Observa Telecom AW4062 2. Comtrend WAP-5813n 3. Comtrend CT-5 3 6 5 4. D-Link DSL-2750B 5. Belkin F5D7632-4 6. Sagem LiveBox Pro 2 SP 7. Amper Xavi 7 9 6 8 and 7 9 6 8+ 8. Sagem Fast 1 2 0 1 9. Linksys WRT54GL 1 0. Observa Telecom RTA01N 1 1...

0.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/04/14 12:0 a.m.8 views

The vulnerability of the Asterisk IP-telephony management system, as well as the Certified Asterisk IP-telephony management system, allows a perpetrator to trigger a service failure.

The vulnerability of the chansip function in IP-telephony management systems of Certified Asterisk and Asterisk is related to the setting of the timert1 sip.conf value, which exceeds 1245. Exploiting this vulnerability allows a malicious actor to cause a service failure exhaustion of file...

7.1CVSS6.5AI score0.04973EPSS
Exploits1References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2016/03/31 12:0 a.m.5 views

The vulnerability of Asterisk IP-telephony management systems and Certified Asterisk, which allows a perpetrator to trigger a service failure.

The vulnerability of Asterisk IP-telephony systems and Certified Asterisk is related to errors in pointer assignment. Exploiting this vulnerability can allow a malicious actor to cause service failures pointer assignment of an uninitialized pointer and emergency termination of operations...

4CVSS6.7AI score0.05079EPSS
Exploits0References2Affected Software2
myhack58
myhack58
added 2016/03/17 12:0 a.m.24 views

v2. 7. 1 The following version of the Git in the presence of vulnerabilities, or may lead to remote code execution-vulnerability warning-the black bar safety net

It is understood that the security researchers in 2. 7. 1 version before all versions of the Git found a security vulnerability in its server and client are the presence of this vulnerability. An attacker can exploit this vulnerability to cause the target system to a buffer overflow, resulting in...

8AI score
Exploits0
Rows per page
Query Builder