Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2021-25655
A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 up to and including 7.2.3 (without hotfix) and 8.0.0 (without hotfix).
Avaya Aura Experience Portal 8.0.0
Avaya Aura Experience Portal
5
CVSSv2
CVE-2005-0506
The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic.
Avaya Ip Soft Phone
Avaya Ip Office Phone Manager
1 EDB exploit
7.8
CVSSv2
CVE-2007-5830
Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote malicious users to cause a denial of service via unspecified vectors related to "input validation."
Avaya Message Networking 3.1
Avaya Messaging Storage Server 3.1
NA
CVE-2022-2249
Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 up to and including 8.1.3.3 and 10.1.0.0.
Avaya Aura Communication Manager 10.1.0.0
Avaya Aura Communication Manager
5
CVSSv2
CVE-2005-4471
POP3 service in Avaya Modular Messaging Message Storage Server (MSS) 2.0 SP 4 and previous versions allows remote malicious users to cause a denial of service (infinite loop) via crafted packets.
Avaya Modular Messaging Message Storage Server 2.0
Avaya Modular Messaging Message Storage Server 1.1
Avaya Modular Messaging Message Storage Server
5
CVSSv2
CVE-2008-6141
Unspecified vulnerability in Avaya IP Softphone 6.0 SP4 and 6.01.85 allows remote malicious users to cause a denial of service (crash) via a large amount of H.323 data.
Avaya Ip Soft Phone 6.01.85
Avaya Ip Soft Phone 6.0
10
CVSSv2
CVE-2004-0212
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote malicious users to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing...
Avaya Definity One Media Server
Microsoft Ie 6.0
Avaya S8100
Avaya Ip600 Media Servers
Microsoft Windows Xp
Microsoft Windows Nt 4.0
Microsoft Windows 2000
Avaya Modular Messaging Message Storage Server S3400
2 EDB exploits
7.2
CVSSv2
CVE-2008-2812
The Linux kernel prior to 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio...
Linux Linux Kernel
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Novell Linux Desktop 9
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
Suse Suse Linux Enterprise Server 10
Suse Suse Linux Enterprise Desktop 10
Debian Debian Linux 4.0
Avaya Message Networking 3.1
Avaya Sip Enablement Services 4.0
Avaya Messaging Storage Server 4.0
Avaya Proactive Contact 4.0
Avaya Meeting Exchange 5.0
Avaya Expanded Meet-me Conferencing
Avaya Intuity Audix Lx 2.0
Avaya Sip Enablement Services -
Avaya Communication Manager
10
CVSSv2
CVE-2016-2783
Avaya Fabric Connect Virtual Services Platform (VSP) Operating System Software (VOSS) prior to 4.2.3.0 and 5.x prior to 5.0.1.0 does not properly handle VLAN and I-SIS indexes, which allows remote malicious users to obtain unauthorized access via crafted Ethernet frames.
Avaya Vsp Operating System Software 5.0.0.0
Avaya Vsp Operating System Software
1 Github repository
10
CVSSv2
CVE-2011-5096
Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x prior to 1.0.2 and 2.0 before Patch Bundle 10 allows remote malicious users to execute arbitrary code via a crafted...
Avaya Aura Application Server 5300 1.0
Avaya Aura Application Server 5300 2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »