Vulnerabilities (CVE)

Filtered by vendor Asterisk Subscribe

Filtered by product Open Source

Total 22 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2008-5558	1 Asterisk	2 Asterisk Business Edition, Open Source	2025-04-09	4.3 MEDIUM	N/A
Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5, when realtime IAX2 users are enabled, allows remote attackers to cause a denial of service (crash) via authentication attempts involving (1) an unknown user or (2) a user using hostname matching.
CVE-2008-0095	1 Asterisk	5 Asterisk Appliance Developer Kit, Asterisk Business Edition, Asterisknow and 2 more	2025-04-09	5.0 MEDIUM	N/A
The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which triggers a NULL pointer dereference.