Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2006-1058
BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.
Busybox Busybox 1.1.1
Avaya Message Networking
Avaya Aura Sip Enablement Services
Avaya Aura Application Enablement Services 4.01
Avaya Aura Application Enablement Services 4.1
Avaya Messaging Storage Server
668
VMScore
CVE-2018-15616
A vulnerability in the Web UI component of Avaya Aura System Platform could allow a remote, unauthenticated user to perform a targeted deserialization attack that could result in remote code execution. Affected versions of System Platform includes 6.3.0 up to and including 6.3.9 ...
Avaya Avaya Aura System Platform
NA
CVE-2022-38168
Broken Access Control in User Authentication in Avaya Scopia Pathfinder 10 and 20 PTS version 8.3.7.0.4 allows remote unauthenticated malicious users to bypass the login page, access sensitive information, and reset user passwords via URL modification.
Avaya Scopia Pathfinder 10 Pts Firmware 8.3.7.0.4
Avaya Scopia Pathfinder 20 Pts Firmware 8.3.7.0.4
490
VMScore
CVE-2020-7032
An XML external entity (XXE) vulnerability in Avaya WebLM admin interface allows authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. Affected versions of Avaya WebLM include: 7.0 up to and includin...
Avaya Aura System Manager
Avaya Weblm
445
VMScore
CVE-2004-0215
Microsoft Outlook Express 5.5 and 6 allows malicious users to cause a denial of service (application crash) via a malformed e-mail header.
Microsoft Outlook Express 6.0
Avaya Definity One Media Server
Avaya Ip600 Media Servers
Avaya S8100
Avaya Modular Messaging Message Storage Server S3400
668
VMScore
CVE-2005-3253
Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions prior to 3.1, and (2) Proxim AP-600 and AP-2000 prior to 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and prior to 3.1, use a static WEP key of "12345", w...
Avaya Wireless Ap-3 2.5.4
Avaya Wireless Ap-4 2.5
Avaya Wireless Ap-8 2.5
Avaya Wireless Ap-5 2.5.4
Avaya Wireless Ap-6 2.5
Avaya Wireless Ap-4 2.5.4
Avaya Wireless Ap-5 2.5
Avaya Wireless Ap-3 2.5
Avaya Wireless Ap-6 2.5.4
Avaya Wireless Ap-7 2.5
Proxim Ap-600 2.5.4
Proxim Ap-700 2.4.12
Proxim Ap-2000 2.5.4
Proxim Ap-4000 2.4.12
Proxim Ap-4000 3.0
Proxim Ap-700 3.0
641
VMScore
CVE-2004-0205
Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function.
Avaya Definity One Media Server
Avaya S8100
Avaya Ip600 Media Servers
Microsoft Internet Information Server 4.0
Avaya Modular Messaging Message Storage Server S3400
578
VMScore
CVE-2008-3081
Multiple unspecified "input validation" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to exe...
Avaya Messaging Storage Server 3.1
Avaya Messaging Storage Server 4.0
Avaya Messaging Storage Server 3
NA
CVE-2021-25657
A privilege escalation vulnerability exists in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges. This issue affects Admin Lite and USB Creator 11.1 Feature Pack 2 Service Pack 1 and previous versions versions.
Avaya Ip Office
Avaya Ip Office 11.1
516
VMScore
CVE-2019-7000
A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencing include all 8.x versions before 8.0 SP14 (8.0.14). Prior versions not listed w...
Avaya Aura Conferencing 8.0
Avaya Aura Conferencing
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »