14 matches found
EUVD-2018-7482
Malware in sbrugna...
EUVD-2020-28163
Malware in sbrugna...
CVE-2022-2249
Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 through 8.1.3.3 and 10.1.0.0...
Privilege escalation
Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 through 8.1.3.3 and 10.1.0.0...
CVE-2022-2249 Avaya Aura Communication Manager Privilege Escalation Vulnerabilities
Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 through 8.1.3.3 and 10.1.0.0...
CVE-2020-7029
The CVE-2020-7029 entry concerns a Cross-Site Request Forgery (CSRF) vulnerability in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. Affected products/versions are Communication Manager 7.0.x, 7.1.x before 7.1.3.5, and 8.0.x; Messaging ...
Avaya Aura Communication Manager 5.2 Remote Code Execution
Exploit Title: Avaya Aura Communication Manager 5.2 - Remote Code Execution Exploit Author: Sarang Tumne a.k.a SarT Date: 2020-02-14 Confirmed on release 5.2 Vendor: https://www.avaya.com/en/ Avaya's advisory: https://downloads.avaya.com/css/P8/documents/100183151 Exploit generates a reverse shel...
Avaya Aura Communication Manager 5.2 - Remote Code Execution
Avaya Aura Communication Manager 5.2 - Remote Code Execution Exploit Title: Avaya Aura Communication Manager 5.2 - Remote Code Execution Exploit Author: Sarang Tumne a.k.a SarT Date: 2020-02-14 Confirmed on release 5.2 Vendor: https://www.avaya.com/en/ Avaya's advisory:...
CVE-2018-15617
A vulnerability in the "capro" Call Processor process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1...
Code injection
A vulnerability in the "capro" Call Processor process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1...
Avaya Aura Communication Manager Elevation of Privilege Vulnerability
Avaya Aura Communication Manager is an open and extensible IP telephony platform from Avaya, Inc. with built-in conferencing and contact center applications and support for a wide range of servers, gateways, and other IP-based communications devices. The platform has built-in conferencing and...
CVE-2018-15611
A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1...
Oracle Java SE CVE-2013-2465 Memory Corruption Vulnerability
Description Oracle Java SE is prone to a memory-corruption vulnerability in Java Runtime Environment. Attackers can exploit this issue to execute arbitrary code within the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions...
Microsoft XML Core Service Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption Vulnerability
Description Microsoft XML Core Service is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the currently...