Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-2783
Avaya Fabric Connect Virtual Services Platform (VSP) Operating System Software (VOSS) prior to 4.2.3.0 and 5.x prior to 5.0.1.0 does not properly handle VLAN and I-SIS indexes, which allows remote malicious users to obtain unauthorized access via crafted Ethernet frames.
Avaya Vsp Operating System Software
Avaya Vsp Operating System Software 5.0.0.0
1 Github repository
NA
CVE-2011-5096
Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x prior to 1.0.2 and 2.0 before Patch Bundle 10 allows remote malicious users to execute arbitrary code via a crafted...
Avaya Aura Application Server 5300 1.0
Avaya Aura Application Server 5300 2.0
NA
CVE-2007-1765
Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote malicious users to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, a...
Microsoft Windows 2000
Microsoft Windows 2000 -
Microsoft Windows 2003 Server -
Microsoft Windows Vista
Microsoft Windows Xp
Microsoft Ie 7.0
Avaya Ip600 Media Servers
Microsoft Internet Explorer
Avaya Definity One Media Server
Avaya S3400
Avaya S8100
11 EDB exploits
1 Article
7.5
CVSSv3
CVE-2018-6635
System Manager in Avaya Aura prior to 7.1.2 does not properly use SSL in conjunction with authentication, which allows remote malicious users to bypass intended Remote Method Invocation (RMI) restrictions, aka SMGR-26896.
Avaya Aura
NA
CVE-2012-3811
Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 prior to 7.0.5.8 Q1 2012 Maintenance Release and 8.0 prior to 8.0.9.13 Q1 2012 Maintenance Release allows remote malicious users to execute arbitr...
Avaya Ip Office Customer Call Reporter 8.0
Avaya Ip Office Customer Call Reporter 7.0
1 EDB exploit
NA
CVE-2001-1260
Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote malicious users to gain administrator privileges by sniffing and decrypting the sniffing the passwords during a system reboot.
Avaya Argent Office
NA
CVE-2007-5556
Unspecified vulnerability in the Avaya VoIP Handset allows remote malicious users to cause a denial of service (reboot) via crafted packets. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known re...
Avaya Voip Handset
8.8
CVSSv3
CVE-2018-15612
A CSRF vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could allow an malicious user to add, change, or remove administrative settings. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.
Avaya Orchestration Designer
NA
CVE-2007-3317
The Session Initiation Protocol (SIP) User Access Client (UAC) message parsing module in Avaya one-X Desktop Edition 2.1.0.70 and previous versions allows remote malicious users to cause a denial of service (device crash) via a malformed SIP message.
Avaya One-x
NA
CVE-2007-3318
Buffer overflow in the Session Initiation Protocol (SIP) User Access Client (UAC) message parsing module in Avaya one-X Desktop Edition 2.1.0.70 and previous versions allows remote malicious users to cause a denial of service (call reception outage) via a malformed SIP message.
Avaya One-x
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »