Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aura vulnerabilities and exploits
(subscribe to this query)
534
VMScore
CVE-2018-6635
System Manager in Avaya Aura prior to 7.1.2 does not properly use SSL in conjunction with authentication, which allows remote malicious users to bypass intended Remote Method Invocation (RMI) restrictions, aka SMGR-26896.
Avaya Aura
187
VMScore
CVE-2010-2942
The actions implementation in the network queueing functionality in the Linux kernel prior to 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory...
Linux Linux Kernel 2.6.36
Linux Linux Kernel
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Opensuse Opensuse 11.1
Opensuse Opensuse 11.3
Suse Suse Linux Enterprise Server 11
Suse Suse Linux Enterprise Desktop 11
Suse Suse Linux Enterprise Server 10
Suse Suse Linux Enterprise Desktop 10
Avaya Aura System Manager 6.0
Avaya Aura System Manager 5.2
Avaya Aura Communication Manager 5.2
Avaya Voice Portal 5.1
Avaya Voice Portal 5.0
Avaya Aura System Platform 1.1
Avaya Aura System Platform 6.0
Avaya Aura System Manager 6.1
187
VMScore
CVE-2006-1058
BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.
Busybox Busybox 1.1.1
Avaya Message Networking
Avaya Aura Sip Enablement Services
Avaya Aura Application Enablement Services 4.01
Avaya Aura Application Enablement Services 4.1
Avaya Messaging Storage Server
445
VMScore
CVE-2019-7007
A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and previous versions. Successful exploitation could potentially allow an unauthenticated malicious user to access files that are outside the restricted directory on the rem...
Avaya Aura Conferencing
NA
CVE-2022-44898
The MsIo64.sys component in Asus Aura Sync through v1.07.79 does not properly validate input to IOCTL 0x80102040, 0x80102044, 0x80102050, and 0x80102054, allowing malicious users to trigger a memory corruption and cause a Denial of Service (DoS) or escalate privileges via crafted...
Asus Aura Sync
641
VMScore
CVE-2019-17603
Ene.sys in Asus Aura Sync up to and including 1.07.71 does not properly validate input to IOCTL 0x80102044, 0x80102050, and 0x80102054, which allows local users to cause a denial of service (system crash) or gain privileges via IOCTL requests using crafted kernel addresses that t...
Asus Aura Sync
1 Github repository
641
VMScore
CVE-2018-15611
A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version before 7.1.3.1.
Avaya Aura Communication Manager
445
VMScore
CVE-2018-15617
A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions before 7.1.3.2, and all 8.x versions before 8.0...
Avaya Aura Communication Manager
NA
CVE-2023-3722
An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and previous versions.
Avaya Aura Device Services
409
VMScore
CVE-2021-25650
A privilege escalation vulnerability exists in Avaya Aura Utility Services that may potentially allow a local user to execute specially crafted scripts as a privileged user. Affects all 7.x versions of Avaya Aura Utility Services
Avaya Aura Utility Services
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »