CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Avaya: >> Aura Conferencing >> 8.0 Security Vulnerabilities

CVE-2016-5285

A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.

CVSS Score

7.5

EPSS Score

0.006

Published

2019-11-15

CVE-2019-7000

A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencing include all 8.x versions prior to 8.0 SP14 (8.0.14). Prior versions not listed were not evaluated.

CVSS Score

5.9

EPSS Score

0.004

Published

2019-07-31

Page 1

Vulnerabilities

Vulnerable Software

Avaya: >> Aura Conferencing >> 8.0 Security Vulnerabilities

Products

Pricing

Contact Us