Lucene search
K

164 matches found

Packet Storm
Packet Storm
added 2019/05/17 12:0 a.m.268 views

Cisco Expressway Gateway 11.5.1 Directory Traversal

Advisory: Directory Traversal in Cisco Expressway Gateway RedTeam Pentesting discovered a directory traversal vulnerability in Cisco Expressway which enables access to administrative web interfaces. Details ======= Product: Cisco Expressway Gateway Affected Versions: 11.5.1, possibly others Fixed...

4CVSS0.4AI score0.03818EPSS
Exploits2
OSV
OSV
added 2019/02/01 3:29 p.m.3 views

CVE-2018-15617

A vulnerability in the "capro" Call Processor process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1...

7.5CVSS5.8AI score0.02242EPSS
Exploits0References2
Prion
Prion
added 2019/02/01 3:29 p.m.13 views

Code injection

A vulnerability in the "capro" Call Processor process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1...

5CVSS7.4AI score0.02242EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/02/01 3:29 p.m.16 views

CVE-2018-15617

A vulnerability in the "capro" Call Processor process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1...

7.5CVSS6.6AI score0.02242EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/02/01 3:0 p.m.19 views

CVE-2018-15617 Communication Manager Denial of Service

A vulnerability in the "capro" Call Processor process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1...

6.5CVSS7.4AI score0.02242EPSS
Exploits0References2
CVE
CVE
added 2019/02/01 3:0 p.m.45 views

CVE-2018-15617

The CVE-2018-15617 vulnerability affects Avaya Aura Communication Manager’s capro (Call Processor) component and could allow a remote, unauthenticated attacker to cause a denial of service. Affected software includes 6.3.x; all 7.x versions before 7.1.3.2; all 8.x versions before 8.0.1. The avail...

7.5CVSS6.8AI score0.02242EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/09/29 12:0 a.m.5 views

Avaya Aura Communication Manager Elevation of Privilege Vulnerability

Avaya Aura Communication Manager is an open and extensible IP telephony platform from Avaya, Inc. with built-in conferencing and contact center applications and support for a wide range of servers, gateways, and other IP-based communications devices. The platform has built-in conferencing and...

7.2CVSS6.6AI score0.00297EPSS
Exploits0References1
Prion
Prion
added 2018/09/27 11:29 p.m.15 views

Design/Logic Flaw

A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1...

7.2CVSS6.5AI score0.00297EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/09/27 11:29 p.m.4 views

CVE-2018-15611

A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1...

6.7CVSS5.8AI score0.00297EPSS
Exploits0References1
NVD
NVD
added 2018/09/27 11:29 p.m.17 views

CVE-2018-15611

A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1...

7.2CVSS6.4AI score0.00297EPSS
Exploits0References1
CVE
CVE
added 2018/09/27 11:0 p.m.55 views

CVE-2018-15611

CVE-2018-15611 describes an elevation-of-privilege vulnerability in the Avaya Aura Communication Manager’s local system administration component. An authenticated, privileged local user can gain root privileges on affected systems. Affected versions include 6.3.x and all 7.x releases before 7.1.3...

7.2CVSS6.4AI score0.00297EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/09/27 11:0 p.m.25 views

CVE-2018-15611 Communication Manager Local Administrator PrivEsc

A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1...

6.3CVSS6.6AI score0.00297EPSS
Exploits0References1
NVD
NVD
added 2016/11/19 3:3 a.m.20 views

CVE-2016-6472

A vulnerability in several parameters of the ccmivr page of Cisco Unified Communication Manager CallManager could allow an unauthenticated, remote attacker to launch a cross-site scripting XSS attack against a user of the web interface on the affected system. More Information: CSCvb37121. Known...

6.1CVSS6AI score0.01543EPSS
Exploits0References3
Prion
Prion
added 2016/11/19 3:3 a.m.18 views

Cross site scripting

A vulnerability in several parameters of the ccmivr page of Cisco Unified Communication Manager CallManager could allow an unauthenticated, remote attacker to launch a cross-site scripting XSS attack against a user of the web interface on the affected system. More Information: CSCvb37121. Known...

4.3CVSS6.1AI score0.01543EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2016/11/19 2:45 a.m.61 views

CVE-2016-6472

Cisco Unified Communications Manager (CUCM) Web Interface Cross-Site Scripting (CVE-2016-6472) exists in the ccmivr page and can be triggered by unauthenticated remote attackers via parameters, leading to script execution in a user’s browser. Affected release visible in initial data: 11.5(1.2); K...

6.1CVSS6AI score0.01543EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/11/19 2:45 a.m.23 views

CVE-2016-6472

A vulnerability in several parameters of the ccmivr page of Cisco Unified Communication Manager CallManager could allow an unauthenticated, remote attacker to launch a cross-site scripting XSS attack against a user of the web interface on the affected system. More Information: CSCvb37121. Known...

6AI score0.01543EPSS
Exploits0References3
CNVD
CNVD
added 2016/04/12 12:0 a.m.6 views

SAP NetWeaver AS JAVA Internet Communication Manager Component Denial of Service Vulnerability

SAP NetWeaver is a service-oriented, integrated application platform from SAP that provides a development and runtime environment for SAP applications. SAP NetWeaver AS Application Server Java is an application server that runs in NetWeaver and is based on the Java programming language. Internet...

7.5CVSS9.1AI score0.06371EPSS
Exploits0References1
OSV
OSV
added 2016/04/08 2:59 p.m.3 views

CVE-2016-3979

Internet Communication Manager aka ICMAN or ICM in SAP JAVA AS 7.2 through 7.4 allows remote attackers to cause a denial of service heap memory corruption and process crash via a crafted HTTP request, related to the IctParseCookies function, aka SAP Security Note 2256185...

7.5CVSS5.8AI score0.06371EPSS
Exploits0References3
Prion
Prion
added 2014/11/04 3:55 p.m.23 views

Code injection

Unspecified vulnerability in SAP Internet Communication Manager ICM, as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service process termination via unknown vectors...

5CVSS7.1AI score0.01861EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2014/11/04 3:0 p.m.46 views

CVE-2014-8591

The CVE-2014-8591 entry concerns SAP Internet Communication Manager (ICM) as used in SAP NetWeaver 7.02 and 7.3. The vulnerability is described as an unspecified remote denial-of-service that causes process termination via unknown vectors. The available documents confirm the affected software ver...

5CVSS6.8AI score0.01861EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder