asterisk open_source CVE Vulnerabilities (22)

CVEs: 22 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting asterisk open_source (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 2122 of 22 CVEs
«« First « Prev Page 2 / 2 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2008-0095 The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which triggers a NULL pointer dereference. [email protected] 5.0 25.42% 2008-01-07 2026-06-16
CVE-2007-6430 Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x before B.2.3.6 and C.x.x before C.1.0-beta8, when using database-based registrations ("realtime") and host-based authentication, does not check the IP address when the username is correct and there is no password, which allows remote attackers to bypass authentication using a valid username. [email protected] 4.3 1.95% 2007-12-19 2026-06-16
«« First « Prev Page 2 / 2 Next »
cvelogic Threat Intelligence