Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2020-7033
A Cross Site Scripting (XSS) Vulnerability on the Unified Portal Client (web client) used in Avaya Equinox Conferencing can allow an authenticated user to perform XSS attacks. The affected versions of Equinox Conferencing includes all 9.x versions prior to 9.1.10.
Avaya Equinox Conferencing
445
VMScore
CVE-2020-7038
A vulnerability exists in Management component of Avaya Equinox Conferencing that could potentially allow an unauthenticated, remote malicious user to gain access to screen sharing and whiteboard sessions. The affected versions of Management component of Avaya Equinox Conferencin...
Avaya Equinox Conferencing
570
VMScore
CVE-2019-7003
A SQL injection vulnerability in the reporting component of Avaya Control Manager could allow an unauthenticated malicious user to execute arbitrary SQL commands and retrieve sensitive data related to other users on the system. Affected versions of Avaya Control Manager include 7...
Avaya Control Manager
445
VMScore
CVE-2019-7005
A vulnerability exists in the web interface component of IP Office that may potentially allow a remote, unauthenticated user with network access to gain sensitive information. Affected versions of IP Office include: 9.x, 10.0 up to and including 10.1.0.7 and 11.0 up to and includ...
Avaya Ip Office
445
VMScore
CVE-2019-7007
A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and previous versions. Successful exploitation could potentially allow an unauthenticated malicious user to access files that are outside the restricted directory on the rem...
Avaya Aura Conferencing
694
VMScore
CVE-2007-3317
The Session Initiation Protocol (SIP) User Access Client (UAC) message parsing module in Avaya one-X Desktop Edition 2.1.0.70 and previous versions allows remote malicious users to cause a denial of service (device crash) via a malformed SIP message.
Avaya One-x
534
VMScore
CVE-2007-1490
Unspecified maintenance web pages in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allow remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors (aka "shell command injection").
Avaya Communication Manager
445
VMScore
CVE-2007-3318
Buffer overflow in the Session Initiation Protocol (SIP) User Access Client (UAC) message parsing module in Avaya one-X Desktop Edition 2.1.0.70 and previous versions allows remote malicious users to cause a denial of service (call reception outage) via a malformed SIP message.
Avaya One-x
490
VMScore
CVE-2020-7037
An XML External Entities (XXE) vulnerability in Media Server component of Avaya Equinox Conferencing could allow an authenticated, remote malicious user to gain read access to information that is stored on an affected system or even potentially lead to a denial of service. The af...
Avaya Equinox Conferencing
409
VMScore
CVE-2004-0800
Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.
Avaya Call Management System Server 11.0
Sun Dtmail
Avaya Call Management System Server 12.0
Avaya Call Management System Server 9.0
Sun Solaris 9.0
Sun Solaris 8.0
Sun Sunos 5.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »