Lucene search

K
MitelMicollab

5 matches found

CVE
CVE
added 2014/04/07 10:55 p.m.3931 views

CVE-2014-0160

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys,...

7.5CVSS7.5AI score0.94443EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.68 views

CVE-2024-47189

The API Interface of the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct SQL injection due to insufficient sanitization of user input. A successful exploit could allow an attacker with knowledge o...

7.7CVSS8.3AI score0.00299EPSS
CVE
CVE
added 2024/10/21 9:15 p.m.42 views

CVE-2024-30158

A vulnerability in the web conferencing component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrar...

7.2CVSS8.2AI score0.00223EPSS
CVE
CVE
added 2024/10/21 9:15 p.m.41 views

CVE-2024-30157

A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to execu...

7.2CVSS8.2AI score0.00216EPSS
CVE
CVE
added 2020/12/18 8:15 a.m.38 views

CVE-2020-25608

The SAS portal of Mitel MiCollab before 9.2 could allow an attacker to access user credentials due to improper input validation, aka SQL Injection.

7.2CVSS7.2AI score0.00381EPSS