Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unified communications manager 4.3.1 vulnerabilities and exploits
(subscribe to this query)
790
VMScore
CVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to bypass authentication.
Ntp Ntp 4.2.5
Ntp Ntp
Ntp Ntp 4.2.8
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
718
VMScore
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e....
Vmware Spring Framework
Cisco Cx Cloud Agent
Oracle Sd-wan Edge 9.0
Oracle Retail Xstore Point Of Service 20.0.1
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Sd-wan Edge 9.1
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Oracle Product Lifecycle Analytics 3.6.1
Oracle Financial Services Enterprise Case Management 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.2.0
Oracle Financial Services Behavior Detection Platform 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.1.0
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 22.1.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.0
171 Github repositories
7 Articles
694
VMScore
CVE-2010-0587
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x prior to 4.3(2)SR2, 6.x prior to 6.1(5), 7.x prior to 7.1(3a)su1, and 8.x prior to 8.0(1) allows remote malicious users to cause a denial of service (process failure) via a malformed SCCP StationCapabilitie...
Cisco Unified Communications Manager 4.1
Cisco Unified Communications Manager 4.3\\(2\\)
Cisco Unified Communications Manager 4.3\\(1\\)sr.1
Cisco Unified Communications Manager 4.1.3
Cisco Unified Communications Manager 4.2
Cisco Unified Communications Manager 4.2 2
Cisco Unified Communications Manager 4.2 3
Cisco Unified Communications Manager 4.2.1
Cisco Unified Communications Manager 4.2.2
Cisco Unified Communications Manager 4.3\\(1\\)
Cisco Unified Communications Manager 6.1\\(2\\)su1
Cisco Unified Communications Manager 6.1\\(2\\)su1a
Cisco Unified Communications Manager 6.1\\(3\\)
Cisco Unified Communications Manager 6.1.0
Cisco Unified Communications Manager 6.1
Cisco Unified Communications Manager 4.2\\(3\\)sr2b
Cisco Unified Communications Manager 4.1.1
Cisco Unified Communications Manager 4.1.2
Cisco Unified Communications Manager 4.2 1
Cisco Unified Communications Manager 4.2.3sr2b
Cisco Unified Communications Manager 4.2.3sr2
Cisco Unified Communications Manager 4.3
694
VMScore
CVE-2010-0592
The CTI Manager service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x prior to 4.3(2)sr1a, 6.x prior to 6.1(3), 7.0x prior to 7.0(2), 7.1x prior to 7.1(2), and 8.x prior to 8.0(1) allows remote malicious users to cause a denial of service (service f...
Cisco Unified Communications Manager 4.1
Cisco Unified Communications Manager 4.1.1
Cisco Unified Communications Manager 4.1.2
Cisco Unified Communications Manager 4.1.3
Cisco Unified Communications Manager 4.2 2
Cisco Unified Communications Manager 4.3
Cisco Unified Communications Manager 4.1\\(3\\)sr4
Cisco Unified Communications Manager 4.2.2
Cisco Unified Communications Manager 4.3\\(1\\)
Cisco Unified Communications Manager 4.1\\(3\\)
Cisco Unified Communications Manager 6.0\\(1a\\)
Cisco Unified Communications Manager 6.1\\(1\\)
Cisco Unified Communications Manager 6.1
Cisco Unified Communications Manager 7.0\\(1\\)
Cisco Unified Communications Manager 7.0\\(2\\)
Cisco Unified Communications Manager 4.3\\(1\\)sr.1
Cisco Unified Communications Manager 4.2 3sr1
Cisco Unified Communications Manager 4.2.3 Sr3
Cisco Unified Communications Manager 4.2 1
Cisco Unified Communications Manager 4.2.3sr2b
Cisco Unified Communications Manager 4.2.3sr1
Cisco Unified Communications Manager 4.3.1
668
VMScore
CVE-2015-7705
The rate limiting feature in NTP 4.x prior to 4.2.8p4 and 4.3.x prior to 4.3.77 allows remote malicious users to have unspecified impact via a large number of crafted requests.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
Citrix Xenserver 6.5
Citrix Xenserver 7.0
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
668
VMScore
CVE-2015-7853
The datalen parameter in the refclock driver in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to execute arbitrary code or cause a denial of service (crash) via a negative input value.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
578
VMScore
CVE-2015-7849
Use-after-free vulnerability in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
578
VMScore
CVE-2015-7854
Buffer overflow in the password management functionality in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
505
VMScore
CVE-2017-3730
In OpenSSL 1.1.0 prior to 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0a
Oracle Agile Engineering Data Management 6.2.0
Oracle Jd Edwards World Security A9.2
Oracle Communications Eagle Lnp Application Processor 10.1
Oracle Communications Application Session Controller 3.7.1
Oracle Jd Edwards World Security A9.4
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Agile Engineering Data Management 6.1.3
Oracle Jd Edwards World Security A9.1
Oracle Jd Edwards World Security A9.3
Oracle Communications Eagle Lnp Application Processor 10.0
Oracle Communications Eagle Lnp Application Processor 10.2
Oracle Communications Application Session Controller 3.8.0
1 EDB exploit
1 Github repository
1 Article
445
VMScore
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0d
Openssl Openssl 1.1.0a
Openssl Openssl 1.1.0b
Hp Operations Agent 11.15
Hp Operations Agent 11.14
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »