Bug | jessie | stretch | buster | bullseye | sid | Description |
---|
CVE-2024-42491 | vulnerable | fixed | fixed | fixed | fixed | Asterisk is an open-source private branch exchange (PBX). Prior to ver ... |
CVE-2024-42365 | vulnerable | fixed | fixed | fixed | fixed | Asterisk is an open source private branch exchange (PBX) and telephony ... |
CVE-2023-49786 | vulnerable | vulnerable (no DSA, ignored) | fixed | fixed | fixed | Asterisk is an open source private branch exchange and telephony toolk ... |
CVE-2023-49294 | vulnerable | fixed | fixed | fixed | fixed | Asterisk is an open source private branch exchange and telephony toolk ... |
CVE-2023-38703 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2023-37457 | vulnerable | fixed | fixed | fixed | fixed | Asterisk is an open source private branch exchange and telephony toolk ... |
CVE-2023-27585 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2022-42706 | vulnerable | fixed | fixed | fixed | fixed | An issue was discovered in Sangoma Asterisk through 16.28, 17 and 18 t ... |
CVE-2022-42705 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A use-after-free in res_pjsip_pubsub.c in Sangoma Asterisk 16.28, 18.1 ... |
CVE-2022-39269 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2022-39244 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2022-37325 | vulnerable | fixed | fixed | fixed | fixed | In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, an ... |
CVE-2022-31031 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2022-26651 | vulnerable | fixed | fixed | fixed | fixed | An issue was discovered in Asterisk through 19.x and Certified Asteris ... |
CVE-2022-26499 | vulnerable | fixed | fixed | fixed | fixed | An SSRF issue was discovered in Asterisk through 19.x. When using STIR ... |
CVE-2022-26498 | vulnerable | fixed | fixed | fixed | fixed | An issue was discovered in Asterisk through 19.x. When using STIR/SHAK ... |
CVE-2022-24793 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2022-24792 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2022-24786 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2022-24764 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2022-24763 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2022-24754 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2022-23608 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2022-23547 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2022-23537 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2022-21723 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2022-21722 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2021-46837 | vulnerable | fixed | fixed | fixed | fixed | res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17. ... |
CVE-2021-43845 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library. In v ... |
CVE-2021-43804 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2021-43303 | vulnerable | fixed | fixed | fixed | fixed | Buffer overflow in PJSUA API when calling pjsua_call_dump. An attacker ... |
CVE-2021-43302 | vulnerable | fixed | fixed | fixed | fixed | Read out-of-bounds in PJSUA API when calling pjsua_recorder_create. An ... |
CVE-2021-43301 | vulnerable | fixed | fixed | fixed | fixed | Stack overflow in PJSUA API when calling pjsua_playlist_create. An att ... |
CVE-2021-43300 | vulnerable | fixed | fixed | fixed | fixed | Stack overflow in PJSUA API when calling pjsua_recorder_create. An att ... |
CVE-2021-43299 | vulnerable | fixed | fixed | fixed | fixed | Stack overflow in PJSUA API when calling pjsua_player_create. An attac ... |
CVE-2021-37706 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2021-32686 | vulnerable | fixed | fixed | fixed | fixed | PJSIP is a free and open source multimedia communication library writt ... |
CVE-2021-32558 | vulnerable | fixed | fixed | fixed | fixed | An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x ... |
CVE-2021-26906 | vulnerable | fixed | fixed | fixed | fixed | An issue was discovered in res_pjsip_session.c in Digium Asterisk thro ... |
CVE-2021-26717 | vulnerable | fixed | fixed | fixed | fixed | An issue was discovered in Sangoma Asterisk 16.x before 16.16.1, 17.x ... |
CVE-2020-35776 | vulnerable | fixed | fixed | fixed | fixed | A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk version ... |
CVE-2020-35652 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | An issue was discovered in res_pjsip_diversion.c in Sangoma Asterisk b ... |
CVE-2020-28327 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | A res_pjsip_session crash was discovered in Asterisk Open Source 13.x ... |
CVE-2020-28242 | vulnerable | fixed | fixed | fixed | fixed | An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 1 ... |
CVE-2019-15297 | fixed | vulnerable (no DSA, ignored) | fixed | fixed | fixed | res_pjsip_t38 in Sangoma Asterisk 15.x before 15.7.4 and 16.x before 1 ... |
CVE-2019-13161 | vulnerable (no DSA, postponed) | fixed | fixed | fixed | fixed | An issue was discovered in Asterisk Open Source through 13.27.0, 14.x ... |
CVE-2019-12827 | fixed | vulnerable (no DSA, ignored) | fixed | fixed | fixed | Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13. ... |
Bug | Description |
---|
TEMP-0000000-964ED9 | AST-2016-005 |
CVE-2024-35190 | Asterisk is an open source private branch exchange and telephony toolk ... |
CVE-2021-31878 | An issue was discovered in PJSIP in Asterisk before 16.19.1 and before ... |
CVE-2021-26713 | A stack-based buffer overflow in res_rtp_asterisk.c in Sangoma Asteris ... |
CVE-2021-26712 | Incorrect access controls in res_srtp.c in Sangoma Asterisk 13.38.1, 1 ... |
CVE-2019-18976 | An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through ... |
CVE-2019-18790 | An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13. ... |
CVE-2019-18610 | An issue was discovered in manager.c in Sangoma Asterisk through 13.x, ... |
CVE-2019-15639 | main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remot ... |
CVE-2019-7251 | An Integer Signedness issue (for a return code) in the res_pjsip_sdp_r ... |
CVE-2018-19278 | Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x b ... |
CVE-2018-17281 | There is a stack consumption vulnerability in the res_http_websocket.s ... |
CVE-2018-12228 | An issue was discovered in Asterisk Open Source 15.x before 15.4.1. Wh ... |
CVE-2018-12227 | An issue was discovered in Asterisk Open Source 13.x before 13.21.1, 1 ... |
CVE-2018-7287 | An issue was discovered in res_http_websocket.c in Asterisk 15.x throu ... |
CVE-2018-7286 | An issue was discovered in Asterisk through 13.19.1, 14.x through 14.7 ... |
CVE-2018-7285 | A NULL pointer access issue was discovered in Asterisk 15.x through 15 ... |
CVE-2018-7284 | A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14 ... |
CVE-2017-17850 | An issue was discovered in Asterisk 13.18.4 and older, 14.7.4 and olde ... |
CVE-2017-17664 | A Remote Crash issue was discovered in Asterisk Open Source 13.x befor ... |
CVE-2017-17090 | An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18 ... |
CVE-2017-16672 | An issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 ... |
CVE-2017-16671 | A Buffer Overflow issue was discovered in Asterisk Open Source 13 befo ... |
CVE-2017-14603 | In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before ... |
CVE-2017-14100 | In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before ... |
CVE-2017-14099 | In res/res_rtp_asterisk.c in Asterisk 11.x before 11.25.2, 13.x before ... |
CVE-2017-14098 | In the pjsip channel driver (res_pjsip) in Asterisk 13.x before 13.17. ... |
CVE-2017-9358 | A memory exhaustion vulnerability exists in Asterisk Open Source 13.x ... |
CVE-2017-7617 | Remote code execution can occur in Asterisk Open Source 13.x before 13 ... |
CVE-2016-9938 | An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 1 ... |
CVE-2016-9937 | An issue was discovered in Asterisk Open Source 13.12.x and 13.13.x be ... |
CVE-2016-7551 | chain_sip in Asterisk Open Source 11.x before 11.23.1 and 13.x 13.11.1 ... |
CVE-2016-7550 | asterisk 13.10.0 is affected by: denial of service issues in asterisk. ... |
CVE-2016-2316 | chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and ... |
CVE-2016-2232 | Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before ... |
CVE-2015-3008 | Asterisk Open Source 1.8 before 1.8.32.3, 11.x before 11.17.1, 12.x be ... |
CVE-2015-1558 | Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when u ... |
CVE-2014-9374 | Double free vulnerability in the WebSocket Server (res_http_websocket ... |
CVE-2014-8418 | The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, ... |
CVE-2014-8417 | ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and 13 ... |
CVE-2014-8416 | Use-after-free vulnerability in the PJSIP channel driver in Asterisk O ... |
CVE-2014-8415 | Race condition in the chan_pjsip channel driver in Asterisk Open Sourc ... |
CVE-2014-8414 | ConfBridge in Asterisk 11.x before 11.14.1 and Certified Asterisk 11.6 ... |
CVE-2014-8413 | The res_pjsip_acl module in Asterisk Open Source 12.x before 12.7.1 an ... |
CVE-2014-8412 | The (1) VoIP channel drivers, (2) DUNDi, and (3) Asterisk Manager Inte ... |
CVE-2014-6610 | Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Ce ... |
CVE-2014-6609 | The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 ... |
CVE-2014-4048 | The PJSIP Channel Driver in Asterisk Open Source before 12.3.1 allows ... |
CVE-2014-4047 | Asterisk Open Source 1.8.x before 1.8.28.1, 11.x before 11.10.1, and 1 ... |
CVE-2014-4046 | Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Ce ... |
CVE-2014-4045 | The Publish/Subscribe Framework in the PJSIP channel driver in Asteris ... |
CVE-2014-2289 | res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk Op ... |
CVE-2014-2288 | The PJSIP channel driver in Asterisk Open Source 12.x before 12.1.1, w ... |
CVE-2014-2287 | channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11. ... |
CVE-2014-2286 | main/http.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x befo ... |
CVE-2013-7100 | Buffer overflow in the unpacksms16 function in apps/app_sms.c in Aster ... |
CVE-2013-5642 | The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source 1 ... |
CVE-2013-5641 | The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source 1 ... |
CVE-2013-2686 | main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1. ... |
CVE-2013-2685 | Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk ... |
CVE-2013-2264 | The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, ... |
CVE-2012-5977 | Asterisk Open Source 1.8.x before 1.8.19.1, 10.x before 10.11.1, and 1 ... |
CVE-2012-5976 | Multiple stack consumption vulnerabilities in Asterisk Open Source 1.8 ... |
CVE-2012-4737 | channels/chan_iax2.c in Asterisk Open Source 1.8.x before 1.8.15.1 and ... |
CVE-2012-3863 | channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and ... |
CVE-2012-3812 | Double free vulnerability in apps/app_voicemail.c in Asterisk Open Sou ... |
CVE-2012-3553 | chan_skinny.c in the Skinny (aka SCCP) channel driver in Asterisk Open ... |
CVE-2012-2948 | chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Ast ... |
CVE-2012-2947 | chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-ce ... |
CVE-2012-2416 | chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x bef ... |
CVE-2012-2415 | Heap-based buffer overflow in chan_skinny.c in the Skinny channel driv ... |
CVE-2012-2414 | main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2. ... |
CVE-2012-2186 | Incomplete blacklist vulnerability in main/manager.c in Asterisk Open ... |
CVE-2012-1184 | Stack-based buffer overflow in the ast_parse_digest function in main/u ... |
CVE-2012-1183 | Stack-based buffer overflow in the milliwatt_generate function in the ... |
CVE-2012-0885 | chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x befor ... |
CVE-2011-4598 | The handle_request_info function in channels/chan_sip.c in Asterisk Op ... |
CVE-2011-4597 | The SIP over UDP implementation in Asterisk Open Source 1.4.x before 1 ... |
CVE-2011-4063 | chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x bef ... |
CVE-2011-3389 | The SSL protocol, as used in certain configurations in Microsoft Windo ... |
CVE-2011-2666 | The default configuration of the SIP channel driver in Asterisk Open S ... |
CVE-2011-2665 | reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8 ... |
CVE-2011-2536 | chan_sip.c in the SIP channel driver in Asterisk Open Source 1.4.x bef ... |
CVE-2011-2535 | chan_iax2.c in the IAX2 channel driver in Asterisk Open Source 1.4.x b ... |
CVE-2011-2529 | chan_sip.c in the SIP channel driver in Asterisk Open Source 1.6.x bef ... |
CVE-2011-2216 | reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8 ... |
CVE-2011-1599 | manager.c in the Manager Interface in Asterisk Open Source 1.4.x befor ... |
CVE-2011-1507 | Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1 ... |
CVE-2011-1175 | tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before ... |
CVE-2011-1174 | manager.c in Asterisk Open Source 1.6.1.x before 1.6.1.24, 1.6.2.x bef ... |
CVE-2011-1147 | Multiple stack-based and heap-based buffer overflows in the (1) decode ... |
CVE-2011-0495 | Stack-based buffer overflow in the ast_uri_encode function in main/uti ... |
CVE-2010-1224 | main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x be ... |
CVE-2010-0685 | The design of the dialplan functionality in Asterisk Open Source 1.2.x ... |
CVE-2010-0441 | Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, ... |
CVE-2009-4055 | rtp.c in Asterisk Open Source 1.2.x before 1.2.37, 1.4.x before 1.4.27 ... |
CVE-2009-3727 | Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0 ... |
CVE-2009-3723 | asterisk allows calls on prohibited networks |
CVE-2009-2726 | The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, 1. ... |
CVE-2009-2651 | main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote ... |
CVE-2009-2346 | The IAX2 protocol implementation in Asterisk Open Source 1.2.x before ... |
CVE-2009-0871 | The SIP channel driver in Asterisk Open Source 1.4.22, 1.4.23, and 1.4 ... |
CVE-2009-0041 | IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23- ... |
CVE-2008-7220 | Unspecified vulnerability in Prototype JavaScript framework (prototype ... |
CVE-2008-5558 | Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2. ... |
CVE-2008-3903 | Asterisk Open Source 1.2.x before 1.2.32, 1.4.x before 1.4.24.1, and 1 ... |
CVE-2008-3264 | The FWDOWNL firmware-download implementation in Asterisk Open Source 1 ... |
CVE-2008-3263 | The IAX2 protocol implementation in Asterisk Open Source 1.0.x, 1.2.x ... |
CVE-2008-2119 | Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Editio ... |
CVE-2008-1923 | The IAX2 channel driver (chan_iax2) in Asterisk 1.2 before revision 72 ... |
CVE-2008-1897 | The IAX2 channel driver (chan_iax2) in Asterisk Open Source 1.0.x, 1.2 ... |
CVE-2008-1390 | The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.1 ... |
CVE-2008-1333 | Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0 ... |
CVE-2008-1332 | Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, ... |
CVE-2008-1289 | Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18. ... |
CVE-2008-0095 | The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Bu ... |
CVE-2007-6430 | Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and ... |
CVE-2007-6171 | SQL injection vulnerability in the Postgres Realtime Engine (res_confi ... |
CVE-2007-6170 | SQL injection vulnerability in the Call Detail Record Postgres logging ... |
CVE-2007-5358 | Multiple buffer overflows in the voicemail functionality in Asterisk 1 ... |
CVE-2007-4521 | Asterisk Open Source 1.4.5 through 1.4.11, when configured to use an I ... |
CVE-2007-4455 | The SIP channel driver (chan_sip) in Asterisk Open Source 1.4.x before ... |
CVE-2007-4280 | The Skinny channel driver (chan_skinny) in Asterisk Open Source before ... |
CVE-2007-4103 | The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2. ... |
CVE-2007-3765 | The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW be ... |
CVE-2007-3764 | The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and ... |
CVE-2007-3763 | The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4. ... |
CVE-2007-3762 | Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in ... |
CVE-2007-2488 | The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 does n ... |
CVE-2007-2383 | The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data ... |
CVE-2007-2297 | The SIP channel driver (chan_sip) in Asterisk before 1.2.18 and 1.4.x ... |
CVE-2007-2294 | The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 ... |
CVE-2007-2293 | Multiple stack-based buffer overflows in the process_sdp function in c ... |
CVE-2007-1595 | The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk doe ... |
CVE-2007-1561 | The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 al ... |
CVE-2007-1306 | Asterisk 1.4 before 1.4.1 and 1.2 before 1.2.16 allows remote attacker ... |
CVE-2006-5445 | Unspecified vulnerability in the SIP channel driver (channels/chan_sip ... |
CVE-2006-5444 | Integer overflow in the get_input function in the Skinny channel drive ... |
CVE-2006-4346 | Asterisk 1.2.10 supports the use of client-controlled variables to det ... |
CVE-2006-4345 | Stack-based buffer overflow in channels/chan_mgcp.c in MGCP in Asteris ... |
CVE-2006-2898 | The IAX2 channel driver (chan_iax2) for Asterisk 1.2.x before 1.2.9 an ... |
CVE-2006-1827 | Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlie ... |
CVE-2005-3559 | Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 throu ... |
CVE-2005-2081 | Stack-based buffer overflow in the function that parses commands in As ... |
CVE-2003-0779 | SQL injection vulnerability in the Call Detail Record (CDR) logging fu ... |
CVE-2003-0761 | Buffer overflow in the get_msg_text of chan_sip.c in the Session Initi ... |