Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2019-7001
A SQL injection vulnerability in the WebUI component of IP Office Contact Center could allow an authenticated malicious user to retrieve or alter sensitive data related to other users on the system. Affected versions of IP Office Contact Center include all 9.x and 10.x versions b...
Avaya Ip Office Contact Center
578
VMScore
CVE-2008-3081
Multiple unspecified "input validation" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to exe...
Avaya Messaging Storage Server 3.1
Avaya Messaging Storage Server 4.0
Avaya Messaging Storage Server 3
570
VMScore
CVE-2019-7003
A SQL injection vulnerability in the reporting component of Avaya Control Manager could allow an unauthenticated malicious user to execute arbitrary SQL commands and retrieve sensitive data related to other users on the system. Affected versions of Avaya Control Manager include 7...
Avaya Control Manager
570
VMScore
CVE-2008-6707
The Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, does not perform authentication for certain functionality, which allows remote malicious users to obtain sensitive information and access restricted fu...
Avaya Sip Enablement Services 4.0
Avaya Sip Enablement Services 3.1.1
Avaya Sip Enablement Services 3.0
Avaya Sip Enablement Services 3.1
Avaya Communication Manager 3.1.5
Avaya Communication Manager 3.1.3
Avaya Communication Manager 3.1.1
Avaya Communication Manager 3.1.4
Avaya Communication Manager 3.1
Avaya Communication Manager 3.1.2
534
VMScore
CVE-2018-6635
System Manager in Avaya Aura prior to 7.1.2 does not properly use SSL in conjunction with authentication, which allows remote malicious users to bypass intended Remote Method Invocation (RMI) restrictions, aka SMGR-26896.
Avaya Aura
534
VMScore
CVE-2007-1490
Unspecified maintenance web pages in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allow remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors (aka "shell command injection").
Avaya Communication Manager
516
VMScore
CVE-2021-25655
A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 up to and including 7.2.3 (without hotfix) and 8.0.0 (without hotfix).
Avaya Aura Experience Portal
Avaya Aura Experience Portal 8.0.0
516
VMScore
CVE-2019-7000
A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencing include all 8.x versions before 8.0 SP14 (8.0.14). Prior versions not listed w...
Avaya Aura Conferencing 8.0
Avaya Aura Conferencing
515
VMScore
CVE-2005-1125
Race condition in libsafe 2.0.16 and previous versions, when running in multi-threaded applications, allows malicious users to bypass libsafe protection and exploit other vulnerabilities before the _libsafe_die function call is completed.
Avaya Libsafe 2.0.11
Avaya Libsafe 2.0.12
Avaya Libsafe 2.0.13
Avaya Libsafe 2.0.14
Avaya Libsafe 2.0.4
Avaya Libsafe 2.0.5
Avaya Libsafe 2.0.6
Avaya Libsafe 2.0.7
Avaya Libsafe 2.0.1
Avaya Libsafe 2.0.16
Avaya Libsafe 2.0.3
Avaya Libsafe 2.0.8
Avaya Libsafe 2.0.10
Avaya Libsafe 2.0.15
Avaya Libsafe 2.0.2
Avaya Libsafe 2.0.9
1 EDB exploit
515
VMScore
CVE-2004-0594
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote malicious users to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init func...
Openpkg Openpkg 2.0
Trustix Secure Linux 2.0
Hp Hp-ux B.11.23
Openpkg Openpkg 2.1
Hp Hp-ux B.11.11
Avaya Converged Communications Server 2.0
Trustix Secure Linux 1.5
Hp Hp-ux B.11.00
Trustix Secure Linux 2.1
Debian Debian Linux 3.0
Hp Hp-ux B.11.22
Php Php 5.0.0
Php Php
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »