← Back

Avaya

avaya

139 CVEs • 158 products

Products (158)

Click to collapse
Toggle
Communication Manager
communication_manager
16 CVEs
Modular Messaging Message Storage Server
modular_messaging_message_storage_server
15 CVEs
S8300
s8300
11 CVEs
S8500
s8500
11 CVEs
S8700
s8700
11 CVEs
Converged Communications Server
converged_communications_server
10 CVEs
Definity One Media Server
definity_one_media_server
10 CVEs
S8100
s8100
10 CVEs
Aura Communication Manager
aura_communication_manager
10 CVEs
Ip600 Media Servers
ip600_media_servers
9 CVEs
Aura System Manager
aura_system_manager
9 CVEs
Ip Office
ip_office
9 CVEs
Sip Enablement Services
sip_enablement_services
8 CVEs
Intuity Audix
intuity_audix
7 CVEs
Message Networking
message_networking
6 CVEs
Messaging Storage Server
messaging_storage_server
6 CVEs
S3400
s3400
6 CVEs
Aura Session Manager
aura_session_manager
6 CVEs
Aura System Platform
aura_system_platform
5 CVEs
Iq
iq
5 CVEs
Argent Office
argent_office
4 CVEs
Intuity Audix Lx
intuity_audix_lx
4 CVEs
Mn100
mn100
4 CVEs
Aura Application Enablement Services
aura_application_enablement_services
4 CVEs
4602sw Ip Phone
4602sw_ip_phone
4 CVEs
Aura Presence Services
aura_presence_services
4 CVEs
Aura Experience Portal
aura_experience_portal
4 CVEs
Aura Utility Services
aura_utility_services
4 CVEs
Cvlan
cvlan
3 CVEs
Libsafe
libsafe
3 CVEs
Network Routing
network_routing
3 CVEs
Integrated Management
integrated_management
3 CVEs
Sg200
sg200
3 CVEs
Sg203
sg203
3 CVEs
Sg208
sg208
3 CVEs
Sg5
sg5
3 CVEs
Vsu
vsu
3 CVEs
Ip Soft Phone
ip_soft_phone
3 CVEs
S8710
s8710
3 CVEs
One X
one-x
3 CVEs
Meeting Exchange
meeting_exchange
3 CVEs
Voice Portal
voice_portal
3 CVEs
Aura Conferencing
aura_conferencing
3 CVEs
Call Management System
call_management_system
3 CVEs
Equinox Conferencing
equinox_conferencing
3 CVEs
Ix Workforce Engagement
ix_workforce_engagement
3 CVEs
Interactive Response
interactive_response
2 CVEs
Call Management System Server
call_management_system_server
2 CVEs
Aura Sip Enablement Services
aura_sip_enablement_services
2 CVEs
Media Server
media_server
2 CVEs
Proactive Contact
proactive_contact
2 CVEs
Aura Voice Portal
aura_voice_portal
2 CVEs
Aura Application Server 5300
aura_application_server_5300
2 CVEs
Ip Office Contact Center
ip_office_contact_center
2 CVEs
Aura Orchestration Designer
aura_orchestration_designer
2 CVEs
Aura Messaging
aura_messaging
2 CVEs
Aura Appliance Virtualization Platform
aura_appliance_virtualization_platform
2 CVEs
Aura Device Services
aura_device_services
2 CVEs
Spaces
spaces
2 CVEs
Integrated Management Suit
integrated_management_suit
1 CVE
Intuity Lx
intuity_lx
1 CVE
Cajun M770 Atm
cajun_m770-atm
1 CVE
Cajun P130
cajun_p130
1 CVE
Cajun P330
cajun_p330
1 CVE
Cajun P550
cajun_p550
1 CVE
Cajun P550r
cajun_p550r
1 CVE
Cajun P580
cajun_p580
1 CVE
Cajun P880
cajun_p880
1 CVE
Cajun P882
cajun_p882
1 CVE
Predictive Dialer System
predictive_dialer_system
1 CVE
Ip Office Phone Manager
ip_office_phone_manager
1 CVE
Tn2602ap Ip Media Resource 320 Circuit Pack
tn2602ap_ip_media_resource_320_circuit_pack
1 CVE
Wireless Ap 3
wireless_ap-3
1 CVE
Wireless Ap 4
wireless_ap-4
1 CVE
Wireless Ap 5
wireless_ap-5
1 CVE
Wireless Ap 6
wireless_ap-6
1 CVE
Wireless Ap 7
wireless_ap-7
1 CVE
Wireless Ap 8
wireless_ap-8
1 CVE
Vpnremote
vpnremote
1 CVE
Vsu 100
vsu_100
1 CVE
Vsu 10000
vsu_10000
1 CVE
Vsu 2000
vsu_2000
1 CVE
Vsu 7500
vsu_7500
1 CVE
Csu 5000
csu_5000
1 CVE
Voip Handset
voip_handset
1 CVE
Expanded Meet Me Conferencing
expanded_meet-me_conferencing
1 CVE
Broadcast Server
broadcast_server
1 CVE
Agent Access
agent_access
1 CVE
Aura Conferencing Standard Edition
aura_conferencing_standard_edition
1 CVE
Basic Call Management System Reporting Desktop
basic_call_management_system_reporting_desktop
1 CVE
Call Management Server Supervisor
call_management_server_supervisor
1 CVE
Callpilot
callpilot
1 CVE
Callvisor Asai Lan
callvisor_asai_lan
1 CVE
Communication Server 1000 Telephony Manager
communication_server_1000_telephony_manager
1 CVE
Computer Telephony
computer_telephony
1 CVE
Contact Center Express
contact_center_express
1 CVE
Customer Interaction Express
customer_interaction_express
1 CVE
Enterprise Manager
enterprise_manager
1 CVE
Interaction Center
interaction_center
1 CVE
Ip Agent
ip_agent
1 CVE

CVEs (139)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2004-0495
6Avaya
ConectivaGentoo+3 more
18Converged Communications Server
Enterprise LinuxIntuity Audix+15 more
Apr 16, 2026
Aug 6, 2004
N/A· v4
N/A· v3
7.2 HIGH· v2
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
CVE-2004-0493
5Apache
AvayaGentoo+2 more
8Converged Communications Server
Http ServerHttp Server+5 more
Apr 16, 2026
Aug 6, 2004
N/A· v4
N/A· v3
6.4 MEDIUM· v2
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 6...Show more
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.Show less
CVE-2004-0215
2Avaya
Microsoft
5Definity One Media Server
Ip600 Media ServersModular Messaging Message Storage Server+2 more
Apr 16, 2026
Aug 6, 2004
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header.
CVE-2004-0212
2Avaya
Microsoft
8Definity One Media Server
IeIp600 Media Servers+5 more
Apr 16, 2026
Aug 6, 2004
N/A· v4
N/A· v3
10.0 HIGH· v2
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters,...Show more
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an anonymous share.Show less
CVE-2004-0205
2Avaya
Microsoft
5Definity One Media Server
Internet Information ServerIp600 Media Servers+2 more
Apr 16, 2026
Aug 6, 2004
N/A· v4
N/A· v3
7.2 HIGH· v2
Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function.
CVE-2004-0201
2Avaya
Microsoft
11Definity One Media Server
Ip600 Media ServersModular Messaging Message Storage Server+8 more
Apr 16, 2026
Aug 6, 2004
N/A· v4
N/A· v3
10.0 HIGH· v2
Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large...Show more
Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041.Show less
CVE-2004-0595
4Avaya
PhpRedhat+1 more
8Converged Communications Server
Fedora CoreIntegrated Management+5 more
Apr 16, 2026
Jul 27, 2004
N/A· v4
N/A· v3
6.8 MEDIUM· v2
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web bro...Show more
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.Show less
CVE-2004-0594
6Avaya
DebianHp+3 more
6Converged Communications Server
Debian LinuxHp Ux+3 more
Apr 16, 2026
Jul 27, 2004
N/A· v4
N/A· v3
5.1 MEDIUM· v2
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_l...Show more
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.Show less
CVE-2004-1082
8Apache
AppleAvaya+5 more
14Apache Mod Digest Apple
Communication ManagerHttp Server+11 more
Apr 16, 2026
Feb 3, 2004
N/A· v4
N/A· v3
7.5 HIGH· v2
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
CVE-2003-1359
2Avaya
Hp
2Hp Ux
Predictive Dialer System
Apr 16, 2026
Dec 31, 2003
N/A· v4
N/A· v3
7.2 HIGH· v2
Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument.
CVE-2002-1229
1Avaya
5Cajun P550
Cajun P550rCajun P580+2 more
Apr 16, 2026
Oct 28, 2002
N/A· v4
N/A· v3
7.5 HIGH· v2
Avaya Cajun switches P880, P882, P580, and P550R 5.2.14 and earlier contain undocumented accounts (1) manuf and (2) diag with default passwords, which allows remote attackers to gain privileges.
CVE-2002-1448
1Avaya
3Cajun M770 Atm
Cajun P130Cajun P330
Apr 16, 2026
Jul 8, 2002
N/A· v4
N/A· v3
7.5 HIGH· v2
An undocumented SNMP read/write community string ('NoGaH$@!') in Avaya P330, P130, and M770-ATM Cajun products allows remote attackers to gain administrative privileges.
CVE-2002-0176
1Avaya
1Libsafe
Apr 16, 2026
Apr 22, 2002
N/A· v4
N/A· v3
4.6 MEDIUM· v2
The printf wrappers in libsafe 2.0-11 and earlier do not properly handle argument indexing specifiers, which could allow attackers to exploit certain function calls through arguments that are not verified by libsafe.
CVE-2002-0175
1Avaya
1Libsafe
Apr 16, 2026
Apr 22, 2002
N/A· v4
N/A· v3
4.6 MEDIUM· v2
libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe.
CVE-2001-1494
2Avaya
Kernel
7Cvlan
Integrated Management SuitInteractive Response+4 more
Apr 16, 2026
Dec 31, 2001
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script comm...Show more
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.Show less
CVE-2001-1262
1Avaya
1Argent Office
Apr 16, 2026
Aug 7, 2001
N/A· v4
N/A· v3
7.5 HIGH· v2
Avaya Argent Office 2.1 compares a user-provided SNMP community string with the correct string only up to the length of the user-provided string, which allows remote attackers to bypass authentication with a 0 length com...Show more
Avaya Argent Office 2.1 compares a user-provided SNMP community string with the correct string only up to the length of the user-provided string, which allows remote attackers to bypass authentication with a 0 length community string.Show less
CVE-2001-1261
1Avaya
1Argent Office
Apr 16, 2026
Aug 7, 2001
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Avaya Argent Office 2.1 may allow remote attackers to change hold music by spoofing a legitimate server's response to a TFTP broadcast and providing an alternate HoldMusic file.
CVE-2001-1260
1Avaya
1Argent Office
Apr 16, 2026
Aug 7, 2001
N/A· v4
N/A· v3
10.0 HIGH· v2
Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator privileges by sniffing and decrypting the sniffing the passwords during a system reboot.
CVE-2001-1259
1Avaya
1Argent Office
Apr 16, 2026
Aug 7, 2001
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload.