Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0115 | 8 Avaya, Christophe.varoqui, Debian and 5 more | 11 Intuity Audix Lx, Message Networking, Messaging Storage Server and 8 more | 2024-02-16 | 7.2 HIGH | 7.8 HIGH |
| The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon. | |||||
| CVE-2006-1058 | 2 Avaya, Busybox | 5 Aura Application Enablement Services, Aura Sip Enablement Services, Message Networking and 2 more | 2024-02-09 | 2.1 LOW | 5.5 MEDIUM |
| BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables. | |||||
| CVE-2001-1494 | 2 Avaya, Kernel | 7 Cvlan, Integrated Management Suit, Interactive Response and 4 more | 2024-01-26 | 2.1 LOW | 5.5 MEDIUM |
| script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command. | |||||
| CVE-2016-5285 | 5 Avaya, Debian, Mozilla and 2 more | 32 Aura Application Enablement Services, Aura Application Server 5300, Aura Communication Manager and 29 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service. | |||||
| CVE-2008-2812 | 7 Avaya, Canonical, Debian and 4 more | 15 Communication Manager, Expanded Meet-me Conferencing, Intuity Audix Lx and 12 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/. | |||||
| CVE-2007-5830 | 1 Avaya | 2 Message Networking, Messaging Storage Server | 2023-12-10 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service via unspecified vectors related to "input validation." | |||||