Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ip office vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-7001
A SQL injection vulnerability in the WebUI component of IP Office Contact Center could allow an authenticated malicious user to retrieve or alter sensitive data related to other users on the system. Affected versions of IP Office Contact Center include all 9.x and 10.x versions b...
Avaya Ip Office Contact Center
5.4
CVSSv3
CVE-2018-15614
A vulnerability in the one-x Portal component of IP Office could allow an authenticated user to perform stored cross site scripting attacks via fields in the Conference Scheduler Service that could affect other application users. Affected versions of IP Office include 10.0 up to ...
Avaya Ip Office 10.0
Avaya Ip Office 10.1
Avaya Ip Office 11.0
8.8
CVSSv3
CVE-2018-15610
A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated malicious user to read and delete arbitrary files on the system. Affected versions of Avaya IP Office include 9.1 up to and including 9.1 SP12, 10.0 up to and including 10.0 SP7, and 10.1 up ...
Avaya Ip Office 9.1
Avaya Ip Office 10.0
Avaya Ip Office 10.1
6.5
CVSSv3
CVE-2018-0950
An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Off...
Microsoft Office 2016
Microsoft Office 2010
Microsoft Office Compatibility Pack -
Microsoft Word 2010
Microsoft Word 2007
Microsoft Word 2013
Microsoft Word 2016
2 Articles
9.6
CVSSv3
CVE-2017-11309
Buffer overflow in the SoftConsole client in Avaya IP Office prior to 10.1.1 allows remote servers to execute arbitrary code via a long response.
Avaya Ip Office
1 EDB exploit
8.8
CVSSv3
CVE-2017-12969
Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in Avaya IP Office Contact Center prior to 10.1.1 allows remote malicious users to cause a denial of service (heap corruption and crash) or execute arbitrary code via a long string to the open method.
Avaya Ip Office Contact Center 9.1.0
Avaya Ip Office Contact Center 9.1.0.2209.1540
Avaya Ip Office Contact Center 9.1.6
Avaya Ip Office Contact Center 9.1.7
Avaya Ip Office Contact Center 9.1.8
Avaya Ip Office Contact Center 9.1.9
Avaya Ip Office Contact Center 9.1
Avaya Ip Office Contact Center 10.0
Avaya Ip Office Contact Center 10.0.0.3-8600.1705
Avaya Ip Office Contact Center 10.1
1 EDB exploit
NA
CVE-2012-3811
Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 prior to 7.0.5.8 Q1 2012 Maintenance Release and 8.0 prior to 8.0.9.13 Q1 2012 Maintenance Release allows remote malicious users to execute arbitr...
Avaya Ip Office Customer Call Reporter 8.0
Avaya Ip Office Customer Call Reporter 7.0
1 EDB exploit
NA
CVE-2008-3068
Microsoft Crypto API 5.131.2600.2180 up to and including 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, whi...
Microsoft Groove 2007
Microsoft Infopath 2003
Microsoft Outlook 2007
Microsoft Powerpoint 2003
Microsoft Visio Professional 2007
Microsoft Visio Standard 2007
Microsoft Access 2007
Microsoft Office 2007
Microsoft Office Communicator 2007
Microsoft Project Standard 2007
Microsoft Publisher 2003
Microsoft Excel 2003
Microsoft Excel 2007
Microsoft Frontpage 2003
Microsoft Onenote 2003
Microsoft Outlook 2003
Microsoft Publisher 2007
Microsoft Sharepoint Designer 2007
Microsoft Infopath 2007
Microsoft Powerpoint 2007
Microsoft Project Professional 2007
Microsoft Windows Live Mail 2008
NA
CVE-2005-0506
The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic.
Avaya Ip Office Phone Manager
Avaya Ip Soft Phone
1 EDB exploit
NA
CVE-2002-0012
Vulnerabilities in a large number of SNMP implementations allow remote malicious users to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into m...
Snmp Snmp
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »