Lucene search
K

37 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-23381

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00446EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2022-31056

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.16406EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-31057

Malicious code in bioql PyPI...

9.1CVSS9AI score0.0768EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-49832

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6,...

6.5CVSS5.5AI score0.00446EPSS
Exploits1References2
NVD
NVD
added 2025/08/01 6:15 p.m.6 views

CVE-2025-49832

Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6, 21.00.0, 22.00.0 through 22.5.0, there is a remote DoS and possible RCE condition in asterisk/res/resstirshaken /verification.c that can be...

6.5CVSS0.00446EPSS
Exploits1References1
OSV
OSV
added 2025/08/01 6:15 p.m.2 views

UBUNTU-CVE-2025-49832

Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6, 21.00.0, 22.00.0 through 22.5.0, there is a remote DoS and possible RCE condition in asterisk/res/resstirshaken /verification.c that can be...

6.5CVSS5.9AI score0.00446EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2025/08/01 5:57 p.m.6 views

CVE-2025-49832

Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6, 21.00.0, 22.00.0 through 22.5.0, there is a remote DoS and possible RCE condition in asterisk/res/resstirshaken /verification.c that can be...

6.5CVSS5.6AI score0.00446EPSS
Exploits1
CNNVD
CNNVD
added 2025/08/01 12:0 a.m.4 views

Asterisk 代码问题漏洞

Asterisk is an Asterisk open source software for PBX systems that runs on Linux and supports IP calls using SIP, IAX, and H323 protocols. Asterisk suffers from a code issue vulnerability that originates from a remote denial of service and possible remote code execution in...

6.5CVSS8AI score0.00446EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.4 views

PT-2025-31568

Name of the Vulnerable Software and Affected Versions Asterisk versions 18.26.2 and earlier Asterisk versions 20.00.0 through 20.15.0 Asterisk version 20.7-cert6 Asterisk version 21.00.0 Asterisk versions 22.00.0 through 22.5.0 Description Asterisk is an open source private branch exchange and...

6.5CVSS7AI score0.00446EPSS
Exploits1References13
Malwarebytes
Malwarebytes
added 2022/08/05 12:39 p.m.24 views

FCC warns of steep rise in phishing over SMS

After the FCC Federal Communications Commission made a huge splash weeks ago when it told Google and Apple to pull TikTok from their respective app stores, the federal agency is now warning Americans of an increased wave of SMS phishing attacks. SMS phishing, otherwise known as smishing or...

Exploits0
Malwarebytes
Malwarebytes
added 2022/08/03 2:0 p.m.15 views

FCC warns of steep rise in phishing over SMS

After the FCC Federal Communications Commission made a huge splash weeks ago when it told Google and Apple to pull TikTok from their respective app stores, the federal agency is now warning Americans of an increased wave of SMS phishing attacks. SMS phishing, otherwise known as smishing or...

Exploits0
Malwarebytes
Malwarebytes
added 2022/06/01 11:37 p.m.21 views

More than a quarter of Americans fell for robocall scam calls in past year

More and more Americans have been falling victim to phone scams since 2019. According to the latest report from Truecaller Google Docs upload of the entire report, separate blog here, a known spam blocker and caller ID app, 68.4 million Americans were victimized in the last 12 months, a substanti...

7.2AI score
Exploits0
Veracode
Veracode
added 2022/04/22 7:26 p.m.29 views

Server-side Request Forgery (SSRF)

asterisk is vulnerable to server-side request forgery. When using STIR/SHAKEN, an attacker can send arbitrary requests to the interfaces such as localhost by using the Identity header...

9.1CVSS2.6AI score0.0768EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2022/04/15 5:15 a.m.16 views

CVE-2022-26498

An issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it is possible to download files that are not certificates. These files could be much larger than what one would expect to download, leading to Resource Exhaustion. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

7.5CVSS0.16406EPSS
Exploits0References6
NVD
NVD
added 2022/04/15 5:15 a.m.21 views

CVE-2022-26499

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

9.1CVSS0.0768EPSS
Exploits0References5
OSV
OSV
added 2022/04/15 5:15 a.m.1 views

DEBIAN-CVE-2022-26499

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

9.1CVSS8.6AI score0.0768EPSS
Exploits0References1
OSV
OSV
added 2022/04/15 5:15 a.m.42 views

CVE-2022-26498

An issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it is possible to download files that are not certificates. These files could be much larger than what one would expect to download, leading to Resource Exhaustion. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

7.5CVSS1.9AI score
Exploits0References6
OSV
OSV
added 2022/04/15 5:15 a.m.3 views

ALPINE-CVE-2022-26499

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

9.1CVSS7AI score0.0768EPSS
Exploits0References1
OSV
OSV
added 2022/04/15 5:15 a.m.46 views

CVE-2022-26499

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

9.1CVSS1.6AI score
Exploits0References5
OSV
OSV
added 2022/04/15 5:15 a.m.3 views

ALPINE-CVE-2022-26498

An issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it is possible to download files that are not certificates. These files could be much larger than what one would expect to download, leading to Resource Exhaustion. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

7.5CVSS6.8AI score0.16406EPSS
Exploits0References1
Rows per page
Query Builder