Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Asterisk Subscribe
Filtered by product Open Source

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-3723 2 Asterisk, Debian 2 Open Source, Debian Linux 2019-11-01 5.0 MEDIUM 7.5 HIGH
asterisk allows calls on prohibited networks
CVE-2017-9358 1 Asterisk 2 Certified Asterisk, Open Source 2019-10-03 5.0 MEDIUM 7.5 HIGH
A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 before 13.13-cert4, which can be triggered by sending specially crafted SCCP packets causing an infinite loop and leading to memory exhaustion (by message logging in that loop).