Filtered by vendor Polycom Subscriptions
Total 39 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2015-4683 1 Polycom 1 Realpresence Resource Manager 2024-11-21 N/A
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with HTTP GET requests.
CVE-2015-4682 1 Polycom 1 Realpresence Resource Manager 2024-11-21 N/A
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager.
CVE-2015-4681 1 Polycom 1 Realpresence Resource Manager 2024-11-21 N/A
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords.
CVE-2015-1516 1 Polycom 1 Realpresence Cloudaxis Suite 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in Polycom RealPresence CloudAXIS Suite before 1.7.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-6611 1 Polycom 12 Hdx 4002, Hdx 4500, Hdx 6000 and 9 more 2024-11-21 9.8 Critical
An issue was discovered in Polycom Web Management Interface G3/HDX 8000 HD with Durango 2.6.0 4740 software and embedded Polycom Linux Development Platform 2.14.g3. It has a blank administrative password by default, and can be successfully used without setting this password.
CVE-2012-6610 1 Polycom 3 Hdx 8000, Hdx Video End Points, Uc Apl 2024-11-21 8.8 High
Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a ; (semicolon) to the ping command feature.
CVE-2012-6609 1 Polycom 3 Hdx 8000, Hdx Video End Points, Uc Apl 2024-11-21 7.5 High
Directory traversal vulnerability in a_getlog.cgi in Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter.
CVE-2012-4970 1 Polycom 12 Hdx 4002, Hdx 4500, Hdx 6000 and 9 more 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in the web management interface on Polycom HDX Video End Points with UC APL software before 2.7.1.1_J, and commercial software before 3.0.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2007-3369 1 Polycom 1 Soundpoint Ip 601 2024-11-21 N/A
Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ and SIP version 1.6.3.0067 allows remote attackers to cause a denial of service (device hang or reboot) via an INVITE message with a long Via header.
CVE-2007-3368 1 Polycom 1 Soundpoint Ip 650 2024-11-21 N/A
Buffer overflow in the HTTP server on the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ allows remote attackers to cause a denial of service (device reboot) via a malformed CGI parameter.
CVE-2006-5233 1 Polycom 1 Soundpoint Ip 301 2024-11-21 N/A
Polycom SoundPoint IP 301 VoIP Desktop Phone, firmware version 1.4.1.0040, allows remote attackers to cause a denial of service (reboot) via (1) a long URL sent to the HTTP daemon and (2) unspecified manipulations as demonstrated by the Nessus http_fingerprinting_hmap.nasl script.
CVE-2003-0556 1 Polycom 3 Mgc-100, Mgc-25, Mgc-50 2024-11-20 N/A
Polycom MGC 25 allows remote attackers to cause a denial of service (crash) via a large number of "user" requests to the control port 5003, as demonstrated using the blast TCP stress tester.
CVE-2002-1906 1 Polycom 1 Viavideo 2024-11-20 N/A
The web server for Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (CPU consumption) by sending incomplete HTTP requests and leaving the connections open.
CVE-2002-1905 1 Polycom 1 Viavideo 2024-11-20 N/A
Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request.
CVE-2002-0630 1 Polycom 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more 2024-11-20 N/A
The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via long or malformed ICMP packets.
CVE-2002-0629 1 Polycom 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more 2024-11-20 N/A
The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via multiple connections to the server.
CVE-2002-0628 1 Polycom 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more 2024-11-20 7.5 High
The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack.
CVE-2002-0627 1 Polycom 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more 2024-11-20 N/A
The Web server for Polycom ViewStation before 7.2.4 allows remote attackers to bypass authentication and read files via Unicode encoded requests.
CVE-2002-0626 1 Polycom 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more 2024-11-20 N/A
Polycom ViewStation before 7.2.4 has a default null password for the administrator account, which allows arbitrary users to conduct unauthorized activities.