Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unified ip phone vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-0528
Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote malicious users to execute arbitrary code via a SIP message with crafted MIME data.
Cisco Skinny Client Control Protocol \\(sccp\\) Firmware
Cisco Session Initiation Protocol \\(sip\\) Firmware
1 Github repository
9.3
CVSSv2
CVE-2008-0531
Heap-based buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote SIP servers to execute arbitrary code via a crafted challenge/response message.
Cisco Skinny Client Control Protocol \\(sccp\\) Firmware
Cisco Session Initiation Protocol \\(sip\\) Firmware
4.9
CVSSv2
CVE-2022-25258
An issue exists in drivers/usb/gadget/composite.c in the Linux kernel prior to 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruptio...
Linux Linux Kernel
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Active Iq Unified Manager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
1 Github repository
10
CVSSv2
CVE-2008-0529
Buffer overflow in the telnet server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G running SCCP firmware might allow remote authenticated users to execute arbitrary code via a crafted command.
Cisco Skinny Client Control Protocol \\(sccp\\) Firmware
Cisco Session Initiation Protocol \\(sip\\) Firmware
7.8
CVSSv2
CVE-2008-1113
Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks.
Vocera Communications Vocera Communications Badge
10
CVSSv2
CVE-2007-1063
The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and previous versions, uses a hard-coded username and password, which allows remote malicious users to access the device.
Cisco Unified Ip Phone Firmware 7906g 8.0\\(4\\)
Cisco Unified Ip Phone Firmware 7911g 8.0\\(4\\)
Cisco Unified Ip Phone Firmware 7941g 8.0\\(4\\)
Cisco Unified Ip Phone Firmware 7961g 8.0\\(4\\)
Cisco Unified Ip Phone Firmware 7970g 8.0\\(4\\)
Cisco Unified Ip Phone Firmware 7971g 8.0\\(4\\)
5
CVSSv2
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0d
Openssl Openssl 1.1.0a
Openssl Openssl 1.1.0b
Hp Operations Agent 11.15
Hp Operations Agent 11.14
1 Github repository
7.2
CVSSv2
CVE-2007-1072
The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and previous versions allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged r...
Cisco Unified Ip Phone Firmware 7906g 8.0\\(4\\)
Cisco Unified Ip Phone Firmware 7911g 8.0\\(4\\)
Cisco Unified Ip Phone Firmware 7941g 8.0\\(4\\)
Cisco Unified Ip Phone Firmware 7961g 8.0\\(4\\)
Cisco Unified Ip Phone Firmware 7970g 8.0\\(4\\)
Cisco Unified Ip Phone Firmware 7971g 8.0\\(4\\)
5
CVSSv2
CVE-2017-3730
In OpenSSL 1.1.0 prior to 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0a
Oracle Agile Engineering Data Management 6.2.0
Oracle Jd Edwards World Security A9.2
Oracle Communications Eagle Lnp Application Processor 10.1
Oracle Communications Application Session Controller 3.7.1
Oracle Jd Edwards World Security A9.4
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Agile Engineering Data Management 6.1.3
Oracle Jd Edwards World Security A9.1
Oracle Jd Edwards World Security A9.3
Oracle Communications Eagle Lnp Application Processor 10.0
Oracle Communications Eagle Lnp Application Processor 10.2
Oracle Communications Application Session Controller 3.8.0
1 EDB exploit
1 Github repository
1 Article
4.9
CVSSv2
CVE-2021-4203
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.
Linux Linux Kernel 5.15
Linux Linux Kernel
Netapp Element Software -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp E-series Santricity Os Controller
Netapp Bootstrap Os -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »