Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2007-3322
The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and previous versions SIP firmware uses a constant media port number for calls, which allows remote malicious users to cause a denial of service (audio quality loss) via a flood of packets to the RTP port.
Avaya 4602sw Ip Phone
4
CVSSv2
CVE-2020-7035
An XML External Entities (XXE)vulnerability in the web-based user interface of Avaya Aura Orchestration Designer could allow an authenticated, remote malicious user to gain read access to information that is stored on an affected system. The affected versions of Orchestration Des...
Avaya Aura Orchestration Designer
5
CVSSv2
CVE-2018-15617
A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions before 7.1.3.2, and all 8.x versions before 8.0...
Avaya Aura Communication Manager
4.6
CVSSv2
CVE-2021-25650
A privilege escalation vulnerability exists in Avaya Aura Utility Services that may potentially allow a local user to execute specially crafted scripts as a privileged user. Affects all 7.x versions of Avaya Aura Utility Services
Avaya Aura Utility Services
4.6
CVSSv2
CVE-2021-25651
A privilege escalation vulnerability exists in Avaya Aura Utility Services that may potentially allow a local user to escalate privileges. Affects all 7.x versions of Avaya Aura Utility Services
Avaya Aura Utility Services
4.6
CVSSv2
CVE-2021-25654
An arbitrary code execution vulnerability exists in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. Affects 7.0 up to and including 8.1.4.0 versions of Avaya Aura Device Services.
Avaya Aura Device Services
4.3
CVSSv2
CVE-2018-15613
A cross-site scripting (XSS) vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could result in malicious content being returned to the user. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.
Avaya Aura Orchestration Designer
5
CVSSv2
CVE-2001-1261
Avaya Argent Office 2.1 may allow remote malicious users to change hold music by spoofing a legitimate server's response to a TFTP broadcast and providing an alternate HoldMusic file.
Avaya Argent Office 2.1
NA
CVE-2023-3527
A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web application which allows a user with administrative privileges to input crafted data which, when exported to a CSV file, may attempt arbitrary command execution on the system used to ...
Avaya Call Management System
6.8
CVSSv2
CVE-2004-0595
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore nul...
Redhat Fedora Core Core 2.0
Trustix Secure Linux 2.0
Redhat Fedora Core Core 1.0
Avaya Converged Communications Server 2.0
Trustix Secure Linux 1.5
Trustix Secure Linux 2.1
Avaya S8500 R2.0.1
Php Php 4.2.0
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Avaya S8300 R2.0.0
Php Php 4.3.6
Avaya Integrated Management
Php Php 4.3.7
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.0.7
Php Php 4.0.2
Php Php 4.3.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »