Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.


Entered Topic
2023-02-02 Asterisk -- multiple vulnerabilities
2022-04-14 Asterisk -- func_odbc: Possible SQL Injection
Asterisk -- multiple vulnerabilities
2022-03-05 asterisk -- multiple vulnerabilities
2021-07-23 asterisk -- pjproject/pjsip: crash when SSL socket destroyed during handshake
asterisk -- Remote Crash Vulnerability in PJSIP channel driver
asterisk -- Remote crash when using IAX2 channel driver
2021-03-04 asterisk -- Crash when negotiating T.38 with a zero port
2021-02-18 asterisk -- An unsuspecting user could crash Asterisk with multiple hold/unhold requests
asterisk -- Remote attacker could prematurely tear down SRTP calls
asterisk -- Remote crash in res_pjsip_diversion
asterisk -- Remote crash possible when negotiating T.38
asterisk -- Remote Crash Vulnerability in PJSIP channel driver
2020-12-22 asterisk -- Remote crash in res_pjsip_diversion
2020-11-05 asterisk -- Outbound INVITE loop on challenge with different nonce
asterisk -- Remote crash in res_pjsip_session
2014-06-17 asterisk -- multiple vulnerabilities
2014-03-10 asterisk -- multiple vulnerabilities
2013-12-17 asterisk -- multiple vulnerabilities
2013-08-28 asterisk -- multiple vulnerabilities
2013-03-29 asterisk -- multiple vulnerabilities
2013-01-03 asterisk -- multiple vulnerabilities
2012-08-30 asterisk -- multiple vulnerabilities
2012-07-06 asterisk -- multiple vulnerabilities
2012-05-29 asterisk -- multiple vulnerabilities
2012-04-23 asterisk -- multiple vulnerabilities
2012-03-15 asterisk -- multiple vulnerabilities
2012-01-20 asterisk -- SRTP Video Remote Crash Vulnerability
2011-12-09 asterisk -- Multiple Vulnerabilities
2011-10-17 asterisk -- remote crash vulnerability in SIP channel driver
2011-06-25 Asterisk -- multiple vulnerabilities
2011-06-02 asterisk -- Remote crash vulnerability
2011-04-21 Asterisk -- multiple vulnerabilities
2011-03-16 asterisk -- Multiple Vulnerabilities
2011-02-22 asterisk -- Exploitable Stack and Heap Array Overflows
2011-01-19 asterisk -- Exploitable Stack Buffer Overflow