Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-7033
A Cross Site Scripting (XSS) Vulnerability on the Unified Portal Client (web client) used in Avaya Equinox Conferencing can allow an authenticated user to perform XSS attacks. The affected versions of Equinox Conferencing includes all 9.x versions prior to 9.1.10.
Avaya Equinox Conferencing
8.1
CVSSv3
CVE-2020-7037
An XML External Entities (XXE) vulnerability in Media Server component of Avaya Equinox Conferencing could allow an authenticated, remote malicious user to gain read access to information that is stored on an affected system or even potentially lead to a denial of service. The af...
Avaya Equinox Conferencing
7.5
CVSSv3
CVE-2020-7038
A vulnerability exists in Management component of Avaya Equinox Conferencing that could potentially allow an unauthenticated, remote malicious user to gain access to screen sharing and whiteboard sessions. The affected versions of Management component of Avaya Equinox Conferencin...
Avaya Equinox Conferencing
NA
CVE-2007-3318
Buffer overflow in the Session Initiation Protocol (SIP) User Access Client (UAC) message parsing module in Avaya one-X Desktop Edition 2.1.0.70 and previous versions allows remote malicious users to cause a denial of service (call reception outage) via a malformed SIP message.
Avaya One-x
NA
CVE-2007-5556
Unspecified vulnerability in the Avaya VoIP Handset allows remote malicious users to cause a denial of service (reboot) via crafted packets. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known re...
Avaya Voip Handset
8.6
CVSSv3
CVE-2019-7007
A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and previous versions. Successful exploitation could potentially allow an unauthenticated malicious user to access files that are outside the restricted directory on the rem...
Avaya Aura Conferencing
9.6
CVSSv3
CVE-2017-11309
Buffer overflow in the SoftConsole client in Avaya IP Office prior to 10.1.1 allows remote servers to execute arbitrary code via a long response.
Avaya Ip Office
1 EDB exploit
8.8
CVSSv3
CVE-2018-15612
A CSRF vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could allow an malicious user to add, change, or remove administrative settings. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.
Avaya Orchestration Designer
10
CVSSv3
CVE-2019-7003
A SQL injection vulnerability in the reporting component of Avaya Control Manager could allow an unauthenticated malicious user to execute arbitrary SQL commands and retrieve sensitive data related to other users on the system. Affected versions of Avaya Control Manager include 7...
Avaya Control Manager
NA
CVE-2004-0800
Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.
Avaya Call Management System Server 11.0
Sun Dtmail
Avaya Call Management System Server 12.0
Avaya Call Management System Server 9.0
Sun Solaris 9.0
Sun Solaris 8.0
Sun Sunos 5.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »