Filtered by vendor Polycom
Subscriptions
Total
39 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2015-4683 | 1 Polycom | 1 Realpresence Resource Manager | 2024-11-21 | N/A |
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with HTTP GET requests. | ||||
CVE-2015-4682 | 1 Polycom | 1 Realpresence Resource Manager | 2024-11-21 | N/A |
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager. | ||||
CVE-2015-4681 | 1 Polycom | 1 Realpresence Resource Manager | 2024-11-21 | N/A |
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords. | ||||
CVE-2015-1516 | 1 Polycom | 1 Realpresence Cloudaxis Suite | 2024-11-21 | N/A |
Cross-site scripting (XSS) vulnerability in Polycom RealPresence CloudAXIS Suite before 1.7.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2012-6611 | 1 Polycom | 12 Hdx 4002, Hdx 4500, Hdx 6000 and 9 more | 2024-11-21 | 9.8 Critical |
An issue was discovered in Polycom Web Management Interface G3/HDX 8000 HD with Durango 2.6.0 4740 software and embedded Polycom Linux Development Platform 2.14.g3. It has a blank administrative password by default, and can be successfully used without setting this password. | ||||
CVE-2012-6610 | 1 Polycom | 3 Hdx 8000, Hdx Video End Points, Uc Apl | 2024-11-21 | 8.8 High |
Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a ; (semicolon) to the ping command feature. | ||||
CVE-2012-6609 | 1 Polycom | 3 Hdx 8000, Hdx Video End Points, Uc Apl | 2024-11-21 | 7.5 High |
Directory traversal vulnerability in a_getlog.cgi in Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter. | ||||
CVE-2012-4970 | 1 Polycom | 12 Hdx 4002, Hdx 4500, Hdx 6000 and 9 more | 2024-11-21 | N/A |
Cross-site scripting (XSS) vulnerability in the web management interface on Polycom HDX Video End Points with UC APL software before 2.7.1.1_J, and commercial software before 3.0.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2007-3369 | 1 Polycom | 1 Soundpoint Ip 601 | 2024-11-21 | N/A |
Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ and SIP version 1.6.3.0067 allows remote attackers to cause a denial of service (device hang or reboot) via an INVITE message with a long Via header. | ||||
CVE-2007-3368 | 1 Polycom | 1 Soundpoint Ip 650 | 2024-11-21 | N/A |
Buffer overflow in the HTTP server on the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ allows remote attackers to cause a denial of service (device reboot) via a malformed CGI parameter. | ||||
CVE-2006-5233 | 1 Polycom | 1 Soundpoint Ip 301 | 2024-11-21 | N/A |
Polycom SoundPoint IP 301 VoIP Desktop Phone, firmware version 1.4.1.0040, allows remote attackers to cause a denial of service (reboot) via (1) a long URL sent to the HTTP daemon and (2) unspecified manipulations as demonstrated by the Nessus http_fingerprinting_hmap.nasl script. | ||||
CVE-2003-0556 | 1 Polycom | 3 Mgc-100, Mgc-25, Mgc-50 | 2024-11-20 | N/A |
Polycom MGC 25 allows remote attackers to cause a denial of service (crash) via a large number of "user" requests to the control port 5003, as demonstrated using the blast TCP stress tester. | ||||
CVE-2002-1906 | 1 Polycom | 1 Viavideo | 2024-11-20 | N/A |
The web server for Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (CPU consumption) by sending incomplete HTTP requests and leaving the connections open. | ||||
CVE-2002-1905 | 1 Polycom | 1 Viavideo | 2024-11-20 | N/A |
Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request. | ||||
CVE-2002-0630 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2024-11-20 | N/A |
The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via long or malformed ICMP packets. | ||||
CVE-2002-0629 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2024-11-20 | N/A |
The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via multiple connections to the server. | ||||
CVE-2002-0628 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2024-11-20 | 7.5 High |
The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack. | ||||
CVE-2002-0627 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2024-11-20 | N/A |
The Web server for Polycom ViewStation before 7.2.4 allows remote attackers to bypass authentication and read files via Unicode encoded requests. | ||||
CVE-2002-0626 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2024-11-20 | N/A |
Polycom ViewStation before 7.2.4 has a default null password for the administrator account, which allows arbitrary users to conduct unauthorized activities. |