Asterisk Security Vulnerabilities and Issues — Asterisk CVE List

Lucene search

SangomaAsterisk

4 matches found

CVE•added 2022/12/05 9:15 p.m.•79 views

CVE-2022-37325

In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a malformed Calling or Called Party IE can cause a crash.

7.5CVSS7.3AI score0.0022EPSS

CVE•added 2009/09/08 6:30 p.m.•56 views

CVE-2009-2346

The IAX2 protocol implementation in Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.2, 1.6.0.x before 1.6.0.15, and 1.6.1.x before 1.6.1.6; Business Edition B.x.x before B.2.5.10, C.2.x before C.2.4.3, and C.3.x before C.3.1.1; and s800i 1.3.x before 1.3.0.3 allows remote attackers to...

7.8CVSS6.4AI score0.51548EPSS

CVE•added 2019/10/29 7:15 p.m.•55 views

CVE-2009-3723

asterisk allows calls on prohibited networks

7.5CVSS7.5AI score0.00653EPSS

CVE•added 2017/06/02 5:29 a.m.•48 views

CVE-2017-9358

A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 before 13.13-cert4, which can be triggered by sending specially crafted SCCP packets causing an infinite loop and leading to memory exhaustion (by message logging...

7.5CVSS7.3AI score0.01188EPSS