41 matches found
EUVD-2025-23381
Malicious code in bioql PyPI...
EUVD-2022-31056
Malicious code in bioql PyPI...
EUVD-2022-31057
Malicious code in bioql PyPI...
“No place in our networks”: FCC hangs up on thousands of voice operators in robocall war
Everyone hates robocalls. However, it's difficult to track down all the scammers and spammers that make them, so the Federal Communications Commission FCC has taken another approach: it just disconnected over a thousand voice operators from the public telephone network for not doing their part to...
Linux Distros Unpatched Vulnerability : CVE-2025-49832
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6,...
CVE-2025-49832
Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6, 21.00.0, 22.00.0 through 22.5.0, there is a remote DoS and possible RCE condition in asterisk/res/resstirshaken /verification.c that can be...
UBUNTU-CVE-2025-49832
Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6, 21.00.0, 22.00.0 through 22.5.0, there is a remote DoS and possible RCE condition in asterisk/res/resstirshaken /verification.c that can be...
CVE-2025-49832
Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6, 21.00.0, 22.00.0 through 22.5.0, there is a remote DoS and possible RCE condition in asterisk/res/resstirshaken /verification.c that can be...
Asterisk 代码问题漏洞
Asterisk is an Asterisk open source software for PBX systems that runs on Linux and supports IP calls using SIP, IAX, and H323 protocols. Asterisk suffers from a code issue vulnerability that originates from a remote denial of service and possible remote code execution in...
PT-2025-31568
Name of the Vulnerable Software and Affected Versions Asterisk versions 18.26.2 and earlier Asterisk versions 20.00.0 through 20.15.0 Asterisk version 20.7-cert6 Asterisk version 21.00.0 Asterisk versions 22.00.0 through 22.5.0 Description Asterisk is an open source private branch exchange and...
FCC warns of steep rise in phishing over SMS
After the FCC Federal Communications Commission made a huge splash weeks ago when it told Google and Apple to pull TikTok from their respective app stores, the federal agency is now warning Americans of an increased wave of SMS phishing attacks. SMS phishing, otherwise known as smishing or...
FCC warns of steep rise in phishing over SMS
After the FCC Federal Communications Commission made a huge splash weeks ago when it told Google and Apple to pull TikTok from their respective app stores, the federal agency is now warning Americans of an increased wave of SMS phishing attacks. SMS phishing, otherwise known as smishing or...
More than a quarter of Americans fell for robocall scam calls in past year
More and more Americans have been falling victim to phone scams since 2019. According to the latest report from Truecaller Google Docs upload of the entire report, separate blog here, a known spam blocker and caller ID app, 68.4 million Americans were victimized in the last 12 months, a substanti...
Server-side Request Forgery (SSRF)
asterisk is vulnerable to server-side request forgery. When using STIR/SHAKEN, an attacker can send arbitrary requests to the interfaces such as localhost by using the Identity header...
CVE-2022-26498
An issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it is possible to download files that are not certificates. These files could be much larger than what one would expect to download, leading to Resource Exhaustion. This is fixed in 16.25.2, 18.11.2, and 19.3.2...
CVE-2022-26499
An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...
DEBIAN-CVE-2022-26499
An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...
CVE-2022-26498
An issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it is possible to download files that are not certificates. These files could be much larger than what one would expect to download, leading to Resource Exhaustion. This is fixed in 16.25.2, 18.11.2, and 19.3.2...
ALPINE-CVE-2022-26499
An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...
CVE-2022-26499
An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...