Vendor CVEs
Avaya
All CVEs
156 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-11309 | Cri | 0.66 | 9.6 | 0.09 | Nov 10, 2017 | Buffer overflow in the SoftConsole client in Avaya IP Office before 10.1.1 allows remote servers to execute arbitrary code via a long response. | ||
| CVE-2016-2783 | Cri | 0.64 | 9.8 | 0.04 | Jan 23, 2017 | Avaya Fabric Connect Virtual Services Platform (VSP) Operating System Software (VOSS) before 4.2.3.0 and 5.x before 5.0.1.0 does not properly handle VLAN and I-SIS indexes, which allows remote attackers to obtain unauthorized access via crafted Ethernet frames. | ||
| CVE-2017-12969 | Hig | 0.61 | 8.8 | 0.10 | Nov 10, 2017 | Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in Avaya IP Office Contact Center before 10.1.1 allows remote attackers to cause a denial of service (heap corruption and crash) or execute arbitrary code via a long string to the open method. | ||
| CVE-2010-2943 | Hig | 0.57 | 8.1 | 0.17 | Sep 30, 2010 | The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were… | ||
| CVE-2018-15613 | Hig | 0.54 | 8.3 | 0.01 | Sep 21, 2018 | A cross-site scripting (XSS) vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could result in malicious content being returned to the user. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1. | ||
| CVE-2018-15612 | Hig | 0.54 | 8.3 | 0.00 | Sep 21, 2018 | A CSRF vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could allow an attacker to add, change, or remove administrative settings. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1. | ||
| CVE-2010-2798 | Hig | 0.51 | 7.8 | 0.00 | Sep 8, 2010 | The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly… | ||
| CVE-2010-2492 | Hig | 0.51 | 7.8 | 0.00 | Sep 8, 2010 | Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors. | ||
| CVE-2009-0115 | Hig | 0.51 | 7.8 | 0.00 | Mar 30, 2009 | The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka… | ||
| CVE-2008-2812 | Hig | 0.51 | 7.8 | 0.00 | Jul 9, 2008 | The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2)… | ||
| CVE-2004-0079 | Hig | 0.50 | 7.5 | 0.10 | Nov 23, 2004 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||
| CVE-2018-6635 | Hig | 0.49 | 7.5 | 0.01 | Feb 5, 2018 | System Manager in Avaya Aura before 7.1.2 does not properly use SSL in conjunction with authentication, which allows remote attackers to bypass intended Remote Method Invocation (RMI) restrictions, aka SMGR-26896. | ||
| CVE-2018-15610 | Hig | 0.48 | 7.3 | 0.02 | Sep 12, 2018 | A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated attacker to read and delete arbitrary files on the system. Affected versions of Avaya IP Office include 9.1 through 9.1 SP12, 10.0 through 10.0 SP7, and 10.1 through 10.1 SP2. | ||
| CVE-2018-15615 | Hig | 0.47 | 7.2 | 0.00 | Sep 24, 2018 | A vulnerability in the Supervisor component of Avaya Call Management System allows local administrative user to extract sensitive information from users connecting to a remote CMS host. Affected versions of CMS Supervisor include R17.0.x and R18.0.x. | ||
| CVE-2009-3939 | Hig | 0.46 | 7.1 | 0.00 | Nov 16, 2009 | The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file. | ||
| CVE-2018-15611 | Med | 0.41 | 6.3 | 0.00 | Sep 27, 2018 | A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1. | ||
| CVE-2010-2942 | Med | 0.36 | 5.5 | 0.00 | Sep 21, 2010 | The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory… | ||
| CVE-2006-1058 | Med | 0.36 | 5.5 | 0.00 | Apr 4, 2006 | BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables. | ||
| CVE-2001-1494 | Med | 0.36 | 5.5 | 0.00 | Dec 31, 2001 | script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command. | ||
| CVE-2011-4112 | Med | 0.29 | 5.5 | 0.00 | May 17, 2012 | The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFF_TX_SKB_SHARING flag, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen… | ||
| CVE-2026-0245 | Med | 0.28 | — | 0.00 | May 13, 2026 | Multiple information disclosure vulnerabilities in Prisma Access Agent® allow a local user to access sensitive configuration data and credentials. The Prisma Access Agent on Linux, ChromeOS, Android, and iOS are not affected. | ||
| CVE-2020-5741 | 0.18 | — | 0.73 | KEV | May 8, 2020 | Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated attacker to execute arbitrary Python code. | ||
| CVE-2004-0493 | 0.10 | — | 0.85 | Aug 6, 2004 | The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of… | |||
| CVE-2012-3811 | 0.08 | — | 0.63 | Jul 3, 2012 | Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 before 7.0.5.8 Q1 2012 Maintenance Release and 8.0 before 8.0.9.13 Q1 2012 Maintenance Release allows remote attackers to execute arbitrary code… | |||
| CVE-2004-1050 | 0.08 | — | 0.67 | Dec 31, 2004 | Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML… | |||
| CVE-2004-0842 | 0.08 | — | 0.57 | Dec 23, 2004 | Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (application crash from "memory corruption") via certain malformed Cascading Style Sheet (CSS) elements that trigger heap-based buffer overflows, as… | |||
| CVE-2004-0212 | 0.08 | — | 0.67 | Aug 6, 2004 | Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a… | |||
| CVE-2007-1765 | 0.07 | — | 0.54 | Mar 30, 2007 | Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and… | |||
| CVE-2004-0841 | 0.07 | — | 0.49 | Dec 23, 2004 | Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability." | |||
| CVE-2004-0594 | 0.07 | — | 0.55 | Jul 27, 2004 | The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function… | |||
| CVE-2004-0595 | 0.07 | — | 0.45 | Jul 27, 2004 | The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore… | |||
| CVE-2008-5232 | 0.06 | — | 0.36 | Nov 26, 2008 | Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary… | |||
| CVE-2023-3722 | 0.04 | — | 0.03 | Jul 19, 2023 | An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier. | |||
| CVE-2005-1125 | 0.04 | — | 0.07 | May 2, 2005 | Race condition in libsafe 2.0.16 and earlier, when running in multi-threaded applications, allows attackers to bypass libsafe protection and exploit other vulnerabilities before the _libsafe_die function call is completed. | |||
| CVE-2004-0201 | 0.04 | — | 0.45 | Aug 6, 2004 | Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041. | |||
| CVE-2020-7030 | 0.03 | — | 0.01 | Jun 3, 2020 | A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 though… | |||
| CVE-2019-7004 | 0.03 | — | 0.02 | Dec 11, 2019 | A Cross-Site Scripting (XSS) vulnerability in the WebUI component of IP Office Application Server could allow unauthorized code execution and potentially disclose sensitive information. All product versions 11.x are affected. Product versions prior to 11.0, including unsupported… | |||
| CVE-2004-1235 | 0.03 | — | 0.03 | Apr 14, 2005 | Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. | |||
| CVE-2005-0506 | 0.03 | — | 0.03 | Mar 14, 2005 | The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic. | |||
| CVE-2004-0839 | 0.03 | — | 0.33 | Aug 18, 2004 | Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the… | |||
| CVE-2004-0554 | 0.03 | — | 0.01 | Aug 6, 2004 | Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. | |||
| CVE-2003-1359 | 0.03 | — | 0.01 | Dec 31, 2003 | Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument. | |||
| CVE-2001-1259 | 0.03 | — | 0.02 | Aug 7, 2001 | Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload. | |||
| CVE-2007-2374 | 0.01 | — | 0.17 | Apr 30, 2007 | Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory is… | |||
| CVE-2004-1307 | 0.01 | — | 0.06 | Dec 21, 2004 | Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a… | |||
| CVE-2004-0081 | 0.01 | — | 0.07 | Nov 23, 2004 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | |||
| CVE-2004-0112 | 0.01 | — | 0.10 | Nov 23, 2004 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake… | |||
| CVE-2004-0215 | 0.01 | — | 0.16 | Aug 6, 2004 | Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header. | |||
| CVE-2004-1082 | 0.01 | — | 0.08 | Feb 3, 2004 | mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. | |||
| CVE-2025-1041 | 0.00 | — | 0.00 | Jun 10, 2025 | An improper input validation discovered in Avaya Call Management System could allow an unauthorized remote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0. |
- risk 0.66cvss 9.6epss 0.09
Buffer overflow in the SoftConsole client in Avaya IP Office before 10.1.1 allows remote servers to execute arbitrary code via a long response.
- risk 0.64cvss 9.8epss 0.04
Avaya Fabric Connect Virtual Services Platform (VSP) Operating System Software (VOSS) before 4.2.3.0 and 5.x before 5.0.1.0 does not properly handle VLAN and I-SIS indexes, which allows remote attackers to obtain unauthorized access via crafted Ethernet frames.
- risk 0.61cvss 8.8epss 0.10
Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in Avaya IP Office Contact Center before 10.1.1 allows remote attackers to cause a denial of service (heap corruption and crash) or execute arbitrary code via a long string to the open method.
- risk 0.57cvss 8.1epss 0.17
The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were…
- risk 0.54cvss 8.3epss 0.01
A cross-site scripting (XSS) vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could result in malicious content being returned to the user. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.
- risk 0.54cvss 8.3epss 0.00
A CSRF vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could allow an attacker to add, change, or remove administrative settings. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.
- risk 0.51cvss 7.8epss 0.00
The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly…
- risk 0.51cvss 7.8epss 0.00
Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors.
- risk 0.51cvss 7.8epss 0.00
The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka…
- risk 0.51cvss 7.8epss 0.00
The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2)…
- risk 0.50cvss 7.5epss 0.10
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
- risk 0.49cvss 7.5epss 0.01
System Manager in Avaya Aura before 7.1.2 does not properly use SSL in conjunction with authentication, which allows remote attackers to bypass intended Remote Method Invocation (RMI) restrictions, aka SMGR-26896.
- risk 0.48cvss 7.3epss 0.02
A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated attacker to read and delete arbitrary files on the system. Affected versions of Avaya IP Office include 9.1 through 9.1 SP12, 10.0 through 10.0 SP7, and 10.1 through 10.1 SP2.
- risk 0.47cvss 7.2epss 0.00
A vulnerability in the Supervisor component of Avaya Call Management System allows local administrative user to extract sensitive information from users connecting to a remote CMS host. Affected versions of CMS Supervisor include R17.0.x and R18.0.x.
- risk 0.46cvss 7.1epss 0.00
The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.
- risk 0.41cvss 6.3epss 0.00
A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1.
- risk 0.36cvss 5.5epss 0.00
The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory…
- risk 0.36cvss 5.5epss 0.00
BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.
- risk 0.36cvss 5.5epss 0.00
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
- risk 0.29cvss 5.5epss 0.00
The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFF_TX_SKB_SHARING flag, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen…
- risk 0.28cvss —epss 0.00
Multiple information disclosure vulnerabilities in Prisma Access Agent® allow a local user to access sensitive configuration data and credentials. The Prisma Access Agent on Linux, ChromeOS, Android, and iOS are not affected.
- risk 0.18cvss —epss 0.73
Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated attacker to execute arbitrary Python code.
- CVE-2004-0493Aug 6, 2004risk 0.10cvss —epss 0.85
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of…
- CVE-2012-3811Jul 3, 2012risk 0.08cvss —epss 0.63
Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 before 7.0.5.8 Q1 2012 Maintenance Release and 8.0 before 8.0.9.13 Q1 2012 Maintenance Release allows remote attackers to execute arbitrary code…
- CVE-2004-1050Dec 31, 2004risk 0.08cvss —epss 0.67
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML…
- CVE-2004-0842Dec 23, 2004risk 0.08cvss —epss 0.57
Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (application crash from "memory corruption") via certain malformed Cascading Style Sheet (CSS) elements that trigger heap-based buffer overflows, as…
- CVE-2004-0212Aug 6, 2004risk 0.08cvss —epss 0.67
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a…
- CVE-2007-1765Mar 30, 2007risk 0.07cvss —epss 0.54
Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and…
- CVE-2004-0841Dec 23, 2004risk 0.07cvss —epss 0.49
Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability."
- CVE-2004-0594Jul 27, 2004risk 0.07cvss —epss 0.55
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function…
- CVE-2004-0595Jul 27, 2004risk 0.07cvss —epss 0.45
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore…
- CVE-2008-5232Nov 26, 2008risk 0.06cvss —epss 0.36
Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary…
- CVE-2023-3722Jul 19, 2023risk 0.04cvss —epss 0.03
An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier.
- CVE-2005-1125May 2, 2005risk 0.04cvss —epss 0.07
Race condition in libsafe 2.0.16 and earlier, when running in multi-threaded applications, allows attackers to bypass libsafe protection and exploit other vulnerabilities before the _libsafe_die function call is completed.
- CVE-2004-0201Aug 6, 2004risk 0.04cvss —epss 0.45
Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041.
- CVE-2020-7030Jun 3, 2020risk 0.03cvss —epss 0.01
A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 though…
- CVE-2019-7004Dec 11, 2019risk 0.03cvss —epss 0.02
A Cross-Site Scripting (XSS) vulnerability in the WebUI component of IP Office Application Server could allow unauthorized code execution and potentially disclose sensitive information. All product versions 11.x are affected. Product versions prior to 11.0, including unsupported…
- CVE-2004-1235Apr 14, 2005risk 0.03cvss —epss 0.03
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
- CVE-2005-0506Mar 14, 2005risk 0.03cvss —epss 0.03
The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic.
- CVE-2004-0839Aug 18, 2004risk 0.03cvss —epss 0.33
Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the…
- CVE-2004-0554Aug 6, 2004risk 0.03cvss —epss 0.01
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
- CVE-2003-1359Dec 31, 2003risk 0.03cvss —epss 0.01
Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument.
- CVE-2001-1259Aug 7, 2001risk 0.03cvss —epss 0.02
Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload.
- CVE-2007-2374Apr 30, 2007risk 0.01cvss —epss 0.17
Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory is…
- CVE-2004-1307Dec 21, 2004risk 0.01cvss —epss 0.06
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a…
- CVE-2004-0081Nov 23, 2004risk 0.01cvss —epss 0.07
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
- CVE-2004-0112Nov 23, 2004risk 0.01cvss —epss 0.10
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake…
- CVE-2004-0215Aug 6, 2004risk 0.01cvss —epss 0.16
Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header.
- CVE-2004-1082Feb 3, 2004risk 0.01cvss —epss 0.08
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
- CVE-2025-1041Jun 10, 2025risk 0.00cvss —epss 0.00
An improper input validation discovered in Avaya Call Management System could allow an unauthorized remote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0.
Page 1 of 4