Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5882
SQL injection vulnerability in login.asp in Citrix Application Gateway - Broadcast Server (BCS) prior to 6.1, as used by Avaya AG250 - Broadcast Server prior to 2.0 and possibly other products, allows remote malicious users to execute arbitrary SQL commands via the txtUID paramet...
Citrix Broadcast Server
Avaya Broadcast Server
NA
CVE-2007-3320
The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and previous versions SIP firmware accepts SIP INVITE requests from arbitrary source IP addresses, which allows remote malicious users to have an unspecified impact.
Avaya 4602sw Ip Phone
NA
CVE-2007-3321
The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and previous versions SIP firmware allows remote malicious users to cause a denial of service (device reboot) via a flood of packets to the BOOTP port (68/udp).
Avaya 4602sw Ip Phone
NA
CVE-2007-3322
The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and previous versions SIP firmware uses a constant media port number for calls, which allows remote malicious users to cause a denial of service (audio quality loss) via a flood of packets to the RTP port.
Avaya 4602sw Ip Phone
NA
CVE-2001-1261
Avaya Argent Office 2.1 may allow remote malicious users to change hold music by spoofing a legitimate server's response to a TFTP broadcast and providing an alternate HoldMusic file.
Avaya Argent Office 2.1
NA
CVE-2001-1262
Avaya Argent Office 2.1 compares a user-provided SNMP community string with the correct string only up to the length of the user-provided string, which allows remote malicious users to bypass authentication with a 0 length community string.
Avaya Argent Office 2.1
6.7
CVSSv3
CVE-2018-15611
A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version before 7.1.3.1.
Avaya Aura Communication Manager
6.1
CVSSv3
CVE-2018-15613
A cross-site scripting (XSS) vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could result in malicious content being returned to the user. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.
Avaya Aura Orchestration Designer
7.5
CVSSv3
CVE-2018-15617
A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions before 7.1.3.2, and all 8.x versions before 8.0...
Avaya Aura Communication Manager
7.1
CVSSv3
CVE-2009-3939
The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and previous versions has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.
Linux Linux Kernel
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 5.0
Redhat Virtualization 5
Redhat Enterprise Linux Eus 5.4
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 5.0
Avaya Aura System Manager 6.0
Avaya Aura System Manager 5.2
Avaya Aura Communication Manager 5.2
Avaya Voice Portal 5.0
Avaya Aura System Platform 1.1
Avaya Aura Session Manager 1.1
Avaya Aura Session Manager 5.2
Avaya Aura Sip Enablement Services 5.2
Avaya Aura Application Enablement Services 5.2
Avaya Aura Application Enablement Services 5.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »