Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unified contact center express 8.0 vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2013-1169
Cisco Unified MeetingPlace Web Conferencing Server 7.x prior to 7.1MR1 Patch 2, 8.0 prior to 8.0MR1 Patch 2, and 8.5 prior to 8.5MR3 Patch 1, when the Remember Me option is used, does not properly verify cookies, which allows remote malicious users to impersonate users via a craf...
Cisco Unified Meetingplace Web Conferencing Server 7.1
Cisco Unified Meetingplace Web Conferencing Server 8.0
Cisco Unified Meetingplace Web Conferencing Server 8.5
790
VMScore
CVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to bypass authentication.
Ntp Ntp 4.2.5
Ntp Ntp 4.2.8
Ntp Ntp
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Netapp Oncommand Unified Manager -
Netapp Oncommand Performance Manager -
785
VMScore
CVE-2011-3315
Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x prior to 6.1(5)SU2, 7.x prior to 7.1(5b)SU2, and 8.x prior to 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (U...
Cisco Unified Ip Interactive Voice Response -
Cisco Unified Ip Ivr 6.0(1)
Cisco Unified Ip Ivr 7.0(1)
Cisco Unified Ip Ivr 7.0(2)
Cisco Unified Ip Ivr 8.0(1)
Cisco Unified Ip Ivr 8.0(2)
Cisco Unified Ip Ivr 8.5(1)
Cisco Unified Communications Manager 5.1(3e)
Cisco Unified Communications Manager 6.1(3a)
Cisco Unified Communications Manager 8.0(2c)
Cisco Unified Communications Manager 5.1(3c)
Cisco Unified Communications Manager 6.1(2)
Cisco Unified Communications Manager 5.1(2a)
Cisco Unified Communications Manager 6.1(3b)su1
Cisco Unified Communications Manager 7.1(2b)su1
Cisco Unified Communications Manager 8.0(2)
Cisco Unified Communications Manager 5.1(1b)
Cisco Unified Communications Manager 7.1(2b)
Cisco Unified Communications Manager 5.1(1c)
Cisco Unified Communications Manager 6.1(2)su1a
Cisco Unified Communications Manager 5.1(2)
Cisco Unified Communications Manager 7.1(3b)
1 EDB exploit
694
VMScore
CVE-2012-3949
The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x prior to 7.1(5b)su5, 8.x prior to 8.5(1)su4, and 8.6 prior to 8.6(2a)su1; Cisco IOS 12.2 up to and including 12.4 and 15.0 up to and including 15.2; and Cisco IOS XE 3.3.xSG prior to 3.3.1SG, 3.4.xS...
Cisco Ios 12.2xnd
Cisco Ios 12.3ym
Cisco Ios 12.3yq
Cisco Ios 12.3xr
Cisco Unified Communications Manager 6.1(3a)
Cisco Ios 12.2sga
Cisco Ios 12.3bc
Cisco Unified Communications Manager 8.0(2c)
Cisco Ios 12.2xr
Cisco Ios 12.3ya
Cisco Unified Communications Manager 6.1(2)
Cisco Ios Xe 3.5.0s
Cisco Ios 12.2cz
Cisco Ios 12.2sxf
Cisco Ios 12.2fy
Cisco Ios Xe 3.4.1s
Cisco Ios 15.1
Cisco Ios 12.2xe
Cisco Ios 12.2scb
Cisco Ios 12.3xs
Cisco Ios 12.2sx
Cisco Ios 12.3xg
676
VMScore
CVE-2013-1168
The web server in Cisco Unified MeetingPlace Application Server 7.x prior to 7.1MR1 Patch 2, 8.0 prior to 8.0MR1 Patch 1, and 8.5 prior to 8.5MR3 Patch 1 does not invalidate a session upon a logout action, which makes it easier for remote malicious users to hijack sessions by lev...
Cisco Unified Meetingplace 7.1
Cisco Unified Meetingplace 7.0
Cisco Unified Meetingplace 7.0.1
Cisco Unified Meetingplace 7.0.2
Cisco Unified Meetingplace 7.0.3
Cisco Unified Meetingplace 8.0
Cisco Unified Meetingplace 8.5.3
Cisco Unified Meetingplace 8.5.2
Cisco Unified Meetingplace 8.5.1
Cisco Unified Meetingplace 8.5
605
VMScore
CVE-2015-0209
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL prior to 0.9.8zf, 1.0.0 prior to 1.0.0r, 1.0.1 prior to 1.0.1m, and 1.0.2 prior to 1.0.2a might allow remote malicious users to cause a denial of service (memory corruption and applica...
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1e
505
VMScore
CVE-2017-3730
In OpenSSL 1.1.0 prior to 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0a
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Agile Engineering Data Management 6.1.3
Oracle Agile Engineering Data Management 6.2.0
Oracle Jd Edwards World Security A9.1
Oracle Jd Edwards World Security A9.2
Oracle Jd Edwards World Security A9.3
Oracle Jd Edwards World Security A9.4
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Communications Eagle Lnp Application Processor 10.0
Oracle Communications Eagle Lnp Application Processor 10.1
Oracle Communications Eagle Lnp Application Processor 10.2
Oracle Communications Application Session Controller 3.7.1
Oracle Communications Application Session Controller 3.8.0
1 EDB exploit
1 Github repository
1 Article
446
VMScore
CVE-2015-0291
The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 prior to 1.0.2a allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) by using an invalid signature_algorithms extension in the ClientHello message during a renegotiation.
Openssl Openssl 1.0.2
3 Github repositories
2 Articles
445
VMScore
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0d
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0a
Hp Operations Agent 11.15
Hp Operations Agent 11.14
1 Github repository
445
VMScore
CVE-2015-1794
The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 prior to 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message.
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »