Total
231 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-5538 | 1 Cisco | 2 Unified Callmanager, Unified Communications Manager | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712. | |||||
CVE-2007-4634 | 1 Cisco | 2 Call Manager, Unified Communications Manager | 2024-02-28 | 9.3 HIGH | N/A |
Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to execute arbitrary SQL commands via the lang variable to the (1) user or (2) admin logon page, aka CSCsi64265. | |||||
CVE-2007-3775 | 1 Cisco | 2 Unified Communications Manager, Unified Presence Server | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1) CSCsj09859 and (2) CSCsj19985. | |||||
CVE-2007-3776 | 1 Cisco | 2 Unified Communications Manager, Unified Presence Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962. | |||||
CVE-2007-4633 | 1 Cisco | 2 Call Manager, Unified Communications Manager | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web script or HTML via the lang variable to the (1) user or (2) admin logon page, aka CSCsi10728. | |||||
CVE-2006-5278 | 1 Cisco | 2 Unified Callmanager, Unified Communications Manager | 2024-02-28 | 10.0 HIGH | N/A |
Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow. | |||||
CVE-2007-5537 | 1 Cisco | 2 Unified Callmanager, Unified Communications Manager | 2024-02-28 | 7.8 HIGH | N/A |
Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822. | |||||
CVE-2008-0027 | 1 Cisco | 2 Unified Callmanager, Unified Communications Manager | 2024-02-28 | 10.0 HIGH | N/A |
Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request. | |||||
CVE-2006-5277 | 1 Cisco | 2 Unified Callmanager, Unified Communications Manager | 2024-02-28 | 9.3 HIGH | N/A |
Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow. | |||||
CVE-2007-4294 | 1 Cisco | 2 Ios, Unified Communications Manager | 2024-02-28 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102. | |||||
CVE-2008-0026 | 1 Cisco | 2 Unified Callmanager, Unified Communications Manager | 2024-02-28 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages. |