Kamailio versions 5.1.1, 5.1.0, and 5.0.0 suffer from an off-by-one heap overflow vulnerability.
b66a979516888fcd02663798f792032a195e6a13fb1ac62c080ec038c284f8d0
Asterisk running chan_pjsip suffers from an INVITE message denial of service vulnerability. Versions affected include Versions affected include 15.2.0, 15.1.0, 15.0.0, 13.19.0, 13.11.2, and 14.7.5.
f1253625e46f227de8752682b32d8862adf05b987de5b3ce80dd452d37d33ce3
Asterisk running chan_pjsip suffers from an SDP message related denial of service vulnerability. Versions affected include 13.10.0, 15.1.3, 15.1.4, 15.1.5, and 15.2.0.
dcd272d0bdc191e8821a8ff0875bcb1f860b59d55a4d240aea12f18340ff7f74
Asterisk version 15.2.0 running chan_pjsip suffers from an SDP message related denial of service vulnerability.
bb991ba13071f908ba4e3a364bc5fd50ffb86a758000294812e5c584d0d94d00
Asterisk running chan_pjsip suffers from a SUBSCRIBE message stack corruption vulnerability. Vulnerable versions include 15.2.0, 13.19.0, 14.7.5, and 13.11.2.
7ce6eb5d2b74840cec684d30e389db8a84881dd35088091f86c3e601f3984460
Asterisk version 14.4.0 with chan_skinny enabled suffers from a memory exhaustion vulnerability that can lead to a denial of service vulnerability.
f873e04bcb0eecc9597ab97c172b350143d8b4bc7a90a33fabc8192c71a4c519
Asterisk version 14.4.0 running chan_pjsip with PJSIP version 2.6 suffers from a denial of service vulnerability.
26735dd3956e23cd86d3bfd7f09cf45b7e07e2f91f84b5f91c48da4e3976b767
Asterisk version 14.4.0 with PJSIP version 2.6 suffers from a heap overflow vulnerability in CSEQ header parsing.
96d2411683190b99bf76dad788720f5b886c567643bf4124f892badaecf39a31