CVEs (3)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
An improper input validation discovered in Avaya Call Management System could allow an unauthorized remote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x...Show more |
A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web application which allows a user with administrative privileges to input crafted data which, when exported to a CSV file, ma...Show more |
5Avaya DebianMozilla+2 more27Aura Application Enablement Services Aura Application Server 5300Aura Communication Manager+24 moreNov 21, 2024 Nov 15, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a...Show more |