CVE-2023-7031
- EPSS 0.07%
- Veröffentlicht 17.01.2024 19:15:08
- Zuletzt bearbeitet 21.11.2024 08:45:04
Insecure Direct Object Reference vulnerabilities were discovered in the Avaya Aura Experience Portal Manager which may allow partial information disclosure to an authenticated non-privileged user. Affected versions include 8.0.x and 8.1.x, prior to 8...
CVE-2021-25655
- EPSS 0.12%
- Veröffentlicht 24.06.2021 09:15:11
- Zuletzt bearbeitet 21.11.2024 05:55:13
A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 through 7.2.3 (without hotfix) and 8.0.0 (without hotfix).
CVE-2021-25656
- EPSS 0.15%
- Veröffentlicht 24.06.2021 09:15:11
- Zuletzt bearbeitet 21.11.2024 05:55:13
Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information. Affected versions include 7.0 through 7.2.3 (without hotfix...
CVE-2016-5285
- EPSS 0.65%
- Veröffentlicht 15.11.2019 16:15:10
- Zuletzt bearbeitet 21.11.2024 02:53:59
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.