Asterisk
Monthly
A local privilege escalation vulnerability exists in the safe_asterisk script included with the Asterisk toolkit package. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Asterisk is an open source private branch exchange and telephony toolkit. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Asterisk is an open source private branch exchange and telephony toolkit. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Asterisk is an open source private branch exchange and telephony toolkit. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Asterisk is an open-source private branch exchange (PBX). Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Asterisk is an open-source private branch exchange (PBX). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Insecure Permissions vulnerability in asterisk v22 allows a remote attacker to execute arbitrary code via the action_createconfig function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A local privilege escalation vulnerability exists in the safe_asterisk script included with the Asterisk toolkit package. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Asterisk is an open source private branch exchange and telephony toolkit. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Asterisk is an open source private branch exchange and telephony toolkit. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Asterisk is an open source private branch exchange and telephony toolkit. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Asterisk is an open-source private branch exchange (PBX). Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Asterisk is an open-source private branch exchange (PBX). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Insecure Permissions vulnerability in asterisk v22 allows a remote attacker to execute arbitrary code via the action_createconfig function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.