CVE-2026-23741

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the asterisk/contrib/scripts/astcoredumper runs as root, as noted by the NOTES tag on line 689 of the astcoredumper file. The script will source the conten...

CVE-2026-23741

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the asterisk/contrib/scripts/astcoredumper runs as root, as noted by the NOTES tag on line 689 of the astcoredumper file. The script will source the conten...

CVE-2025-1131 Asterisk Unsafe Shell Sourcing in safe_asterisk Leads to Local Privilege Escalation

A local privilege escalation vulnerability exists in the safeasterisk script included with the Asterisk toolkit package. When Asterisk is started via this script common in SysV init or FreePBX environments, it sources all .sh files located in /etc/asterisk/startup.d/ as root, without validating...

UBUNTU-CVE-2020-24331

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file which contains various settings related to this daemon...

kernel: HID: debug: Buffer overflow in hid_debug_events_read() in drivers/hid/hid-debug.c

A flaw was found in the Linux kernel in the hiddebugeventsread function in the drivers/hid/hid-debug.c file. A lack of the certain checks may allow a privileged user "root" to achieve an out-of-bounds write and thus receiving user space buffer corruption...