Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2020-7036
An XML External Entities (XXE)vulnerability in Callback Assist could allow an authenticated, remote malicious user to gain read access to information that is stored on an affected system. The affected versions of Callback Assist includes all 4.0.x versions prior to 4.7.1.1 Patch ...
Avaya Callback Assist 4.7.1.1
Avaya Callback Assist
516
VMScore
CVE-2019-7000
A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencing include all 8.x versions before 8.0 SP14 (8.0.14). Prior versions not listed w...
Avaya Aura Conferencing 8.0
Avaya Aura Conferencing
NA
CVE-2021-25657
A privilege escalation vulnerability exists in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges. This issue affects Admin Lite and USB Creator 11.1 Feature Pack 2 Service Pack 1 and previous versions versions.
Avaya Ip Office
Avaya Ip Office 11.1
187
VMScore
CVE-2010-2942
The actions implementation in the network queueing functionality in the Linux kernel prior to 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory...
Linux Linux Kernel 2.6.36
Linux Linux Kernel
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Opensuse Opensuse 11.1
Opensuse Opensuse 11.3
Suse Suse Linux Enterprise Server 11
Suse Suse Linux Enterprise Desktop 11
Suse Suse Linux Enterprise Server 10
Suse Suse Linux Enterprise Desktop 10
Avaya Aura System Manager 6.0
Avaya Aura System Manager 5.2
Avaya Aura Communication Manager 5.2
Avaya Voice Portal 5.1
Avaya Voice Portal 5.0
Avaya Aura System Platform 1.1
Avaya Aura System Platform 6.0
Avaya Aura System Manager 6.1
187
VMScore
CVE-2018-15615
A vulnerability in the Supervisor component of Avaya Call Management System allows local administrative user to extract sensitive information from users connecting to a remote CMS host. Affected versions of CMS Supervisor include R17.0.x and R18.0.x.
Avaya Call Management System Supervisor 17.0.0
Avaya Call Management System Supervisor 18.0.2.0
Avaya Call Management System Supervisor 18.0.1.0
445
VMScore
CVE-2011-3008
The default configuration of Avaya Secure Access Link (SAL) Gateway 1.5, 1.8, and 2.0 contains certain domain names in the Secondary Core Server URL and Secondary Remote Server URL fields, which allows remote malicious users to obtain sensitive information by leveraging administr...
Avaya Secure Access Link Gateway 1.5
Avaya Secure Access Link Gateway 1.8
Avaya Secure Access Link Gateway 2.0
187
VMScore
CVE-2008-3777
The SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, writes account names and passwords to the (1) alarm and (2) system logs during failed login attempts, which allows local users to obta...
Avaya Sip Enablement Services 5.0
Avaya Communication Manager 5.0
312
VMScore
CVE-2021-25656
Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information. Affected versions include 7.0 up to and including 7.2.3 (without hotfix) and 8.0.0 (witho...
Avaya Aura Experience Portal 8.0.0
Avaya Aura Experience Portal
605
VMScore
CVE-2007-3286
Multiple buffer overflows in unspecified ActiveX controls in COM objects in Avaya IP Softphone R5.2 before SP3, and R6.0, allow remote malicious users to execute arbitrary code via unspecified vectors.
Avaya Ip Soft Phone 6.0
Avaya Ip Soft Phone
668
VMScore
CVE-2008-3778
The remote management interface in SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, proceeds with Core router updates even when a login is invalid, which allows remote malicious users to ...
Avaya Sip Enablement Services 5.0
Avaya Communication Manager 5.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »