Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2007-3286
Multiple buffer overflows in unspecified ActiveX controls in COM objects in Avaya IP Softphone R5.2 before SP3, and R6.0, allow remote malicious users to execute arbitrary code via unspecified vectors.
Avaya Ip Soft Phone 6.0
Avaya Ip Soft Phone
694
VMScore
CVE-2007-5830
Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote malicious users to cause a denial of service via unspecified vectors related to "input validation."
Avaya Message Networking 3.1
Avaya Messaging Storage Server 3.1
516
VMScore
CVE-2021-25655
A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 up to and including 7.2.3 (without hotfix) and 8.0.0 (without hotfix).
Avaya Aura Experience Portal
Avaya Aura Experience Portal 8.0.0
505
VMScore
CVE-2005-0506
The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic.
Avaya Ip Office Phone Manager
Avaya Ip Soft Phone
1 EDB exploit
NA
CVE-2022-2249
Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 up to and including 8.1.3.3 and 10.1.0.0.
Avaya Aura Communication Manager 10.1.0.0
Avaya Aura Communication Manager
445
VMScore
CVE-2008-6141
Unspecified vulnerability in Avaya IP Softphone 6.0 SP4 and 6.01.85 allows remote malicious users to cause a denial of service (crash) via a large amount of H.323 data.
Avaya Ip Soft Phone 6.01.85
Avaya Ip Soft Phone 6.0
445
VMScore
CVE-2005-4471
POP3 service in Avaya Modular Messaging Message Storage Server (MSS) 2.0 SP 4 and previous versions allows remote malicious users to cause a denial of service (infinite loop) via crafted packets.
Avaya Modular Messaging Message Storage Server 1.1
Avaya Modular Messaging Message Storage Server 2.0
Avaya Modular Messaging Message Storage Server
1000
VMScore
CVE-2004-0212
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote malicious users to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing...
Microsoft Ie 6.0
Avaya Definity One Media Server
Avaya S8100
Avaya Ip600 Media Servers
Microsoft Windows 2000
Microsoft Windows Nt 4.0
Avaya Modular Messaging Message Storage Server S3400
Microsoft Windows Xp
2 EDB exploits
694
VMScore
CVE-2005-3989
Memory leak in Avaya TN2602AP IP Media Resource 320 circuit pack before vintage 9 firmware allows remote malicious users to cause a denial of service (memory consumption) via crafted VoIP packets.
Avaya Tn2602ap Ip Media Resource 320 Circuit Pack Vintage 5 Firmware
Avaya Tn2602ap Ip Media Resource 320 Circuit Pack Vintage 6 Firmware
Avaya Tn2602ap Ip Media Resource 320 Circuit Pack Vintage 7 Firmware
Avaya Tn2602ap Ip Media Resource 320 Circuit Pack
Avaya Tn2602ap Ip Media Resource 320 Circuit Pack Vintage 3 Firmware
Avaya Tn2602ap Ip Media Resource 320 Circuit Pack Vintage 4 Firmware
890
VMScore
CVE-2016-2783
Avaya Fabric Connect Virtual Services Platform (VSP) Operating System Software (VOSS) prior to 4.2.3.0 and 5.x prior to 5.0.1.0 does not properly handle VLAN and I-SIS indexes, which allows remote malicious users to obtain unauthorized access via crafted Ethernet frames.
Avaya Vsp Operating System Software
Avaya Vsp Operating System Software 5.0.0.0
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »