Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unified contact center express 8.0 vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2013-1169
Cisco Unified MeetingPlace Web Conferencing Server 7.x prior to 7.1MR1 Patch 2, 8.0 prior to 8.0MR1 Patch 2, and 8.5 prior to 8.5MR3 Patch 1, when the Remember Me option is used, does not properly verify cookies, which allows remote malicious users to impersonate users via a craf...
Cisco Unified Meetingplace Web Conferencing Server 7.1
Cisco Unified Meetingplace Web Conferencing Server 8.0
Cisco Unified Meetingplace Web Conferencing Server 8.5
7.8
CVSSv2
CVE-2012-3949
The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x prior to 7.1(5b)su5, 8.x prior to 8.5(1)su4, and 8.6 prior to 8.6(2a)su1; Cisco IOS 12.2 up to and including 12.4 and 15.0 up to and including 15.2; and Cisco IOS XE 3.3.xSG prior to 3.3.1SG, 3.4.xS...
Cisco Unified Communications Manager 6.1\\(4\\)
Cisco Unified Communications Manager 6.1\\(4a\\)
Cisco Unified Communications Manager 6.1\\(4b\\)
Cisco Unified Communications Manager 6.1\\(5\\)
Cisco Unified Communications Manager 7.1\\(5b\\)su3
Cisco Unified Communications Manager 7.1\\(5b\\)su4
Cisco Unified Communications Manager 8.0
Cisco Unified Communications Manager 8.0\\(1\\)
Cisco Ios 12.2by
Cisco Ios 12.2bz
Cisco Ios 12.2ca
Cisco Ios 12.2cx
Cisco Ios 12.2irb
Cisco Ios 12.2ixa
Cisco Ios 12.2ixb
Cisco Ios 12.2ixc
Cisco Ios 12.2sea
Cisco Ios 12.2seb
Cisco Ios 12.2sec
Cisco Ios 12.2sed
Cisco Ios 12.2sva
Cisco Ios 12.2svc
7.8
CVSSv2
CVE-2011-3315
Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x prior to 6.1(5)SU2, 7.x prior to 7.1(5b)SU2, and 8.x prior to 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (U...
Cisco Unified Ip Interactive Voice Response -
Cisco Unified Ip Ivr 7.0\\(1\\)
Cisco Unified Ip Ivr 7.0\\(2\\)
Cisco Unified Ip Ivr 8.0\\(1\\)
Cisco Unified Ip Ivr 8.5\\(1\\)
Cisco Unified Ip Ivr 6.0\\(1\\)
Cisco Unified Ip Ivr 8.0\\(2\\)
Cisco Unified Communications Manager 6.1\\(3b\\)
Cisco Unified Communications Manager 6.1\\(2\\)
Cisco Unified Communications Manager 6.1\\(2\\)su1a
Cisco Unified Communications Manager 6.1\\(1b\\)
Cisco Unified Communications Manager 6.0
Cisco Unified Communications Manager 6.1\\(5\\)su1
Cisco Unified Communications Manager 7.1\\(3a\\)su1
Cisco Unified Communications Manager 7.1\\(3b\\)
Cisco Unified Communications Manager 7.1\\(3a\\)
Cisco Unified Communications Manager 7.1\\(3\\)
Cisco Unified Communications Manager 7.0\\(2a\\)
Cisco Unified Communications Manager 7.1\\(2a\\)
Cisco Unified Communications Manager 7.1\\(2a\\)su1
Cisco Unified Communications Manager 7.1\\(2b\\)
Cisco Unified Communications Manager 5.1\\(1\\)
1 EDB exploit
7.6
CVSSv2
CVE-2013-1168
The web server in Cisco Unified MeetingPlace Application Server 7.x prior to 7.1MR1 Patch 2, 8.0 prior to 8.0MR1 Patch 1, and 8.5 prior to 8.5MR3 Patch 1 does not invalidate a session upon a logout action, which makes it easier for remote malicious users to hijack sessions by lev...
Cisco Unified Meetingplace 7.0.2
Cisco Unified Meetingplace 7.0
Cisco Unified Meetingplace 7.0.3
Cisco Unified Meetingplace 7.1
Cisco Unified Meetingplace 7.0.1
Cisco Unified Meetingplace 8.0
Cisco Unified Meetingplace 8.5
Cisco Unified Meetingplace 8.5.1
Cisco Unified Meetingplace 8.5.2
Cisco Unified Meetingplace 8.5.3
7.5
CVSSv2
CVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to bypass authentication.
Ntp Ntp 4.2.5
Ntp Ntp
Ntp Ntp 4.2.8
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
6.8
CVSSv2
CVE-2015-0209
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL prior to 0.9.8zf, 1.0.0 prior to 1.0.0r, 1.0.1 prior to 1.0.1m, and 1.0.2 prior to 1.0.2a might allow remote malicious users to cause a denial of service (memory corruption and applica...
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1e
5
CVSSv2
CVE-2017-3730
In OpenSSL 1.1.0 prior to 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0a
Oracle Agile Engineering Data Management 6.2.0
Oracle Jd Edwards World Security A9.2
Oracle Communications Eagle Lnp Application Processor 10.1
Oracle Communications Application Session Controller 3.7.1
Oracle Jd Edwards World Security A9.4
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Agile Engineering Data Management 6.1.3
Oracle Jd Edwards World Security A9.1
Oracle Jd Edwards World Security A9.3
Oracle Communications Eagle Lnp Application Processor 10.0
Oracle Communications Eagle Lnp Application Processor 10.2
Oracle Communications Application Session Controller 3.8.0
1 EDB exploit
1 Github repository
1 Article
5
CVSSv2
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0d
Openssl Openssl 1.1.0a
Openssl Openssl 1.1.0b
Hp Operations Agent 11.15
Hp Operations Agent 11.14
1 Github repository
5
CVSSv2
CVE-2015-1794
The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 prior to 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message.
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
1 Article
5
CVSSv2
CVE-2015-3193
The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 prior to 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote malicious users to obt...
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
Nodejs Node.js
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »