Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-26482: Security Center

An issue was discovered in Poly EagleEye Director II before 2.2.2.1. os.system command injection can be achieved by an admin.

CVE
#sql#xss#csrf#vulnerability#web#android#mac#microsoft#dos#apache#rce#samba#botnet#log4j#hard_coded_credentials#auth#ssh#telnet#ssl

DATE

ID#

TITLE

03-07-22

PLYTV21-09

Studio X50 – Improper Neutralization of Special Elements used in an OS Command

03-07-22

PLYPL21-12

EEDII – Multiple Security Vulnerabilities

02-23-22

PLYGN21-08

Poly Systems – Apache Log4j

09-29-21

Security Advisory Version 1.0

Plantronics Hub – Local Privilege Escalation

09-07-21

Security Bulletin Version 1.0

CX5100/CX5500 Authenticated Command Injection

04-30-21

Security Advisory Version 1.0

Information Disclosure Vulnerability Poly VOIP Phones

02-24-21

Security Advisory Version 1.0

Information Disclosure Vulnerability Poly VOIP Phones

02-24-21

Security Bulletin Version 1.1

Increased SIP Provisioning Attacks

02-22-21

Security Advisory Version 1.0

Information Disclosure Vulnerability Poly ZTP Service

01-20-21

Security Bulletin Version 1.0

Cybersecurity and Infrastructure Security Agency (CISA) Alert AA20-352A

04-24-20

Security Bulletin Version 1.0

Poly Recommended Best Security Practices for Unified Communications

04-01-20

Security Advisory Version 1.0

Poly Voice Endpoints – XSS and CSRF Vulnerabilities

02-07-20

Security Bulletin Version 1.0

CCX500 - UI Vulnerability Allows Access to Android Settings

01-15-20

Security Bulletin Version 1.6

Worldwide H.323 and SIP Botnet Calling Video Systems

01-10-20

Security Advisory Version 1.2.0

Remote Code Execution Vulnerability in UCS Software

01-10-20

Security Advisory Version 1.0.0

Vulnerabilities in VxWorks Operating System and Poly Products

09-04-19

Security Advisory Version 1.0.0

Plantronics Hub - Local Privilege Escalation Vulnerability

08-06-19

Security Advisory Version 1.0

Remote Code Execution Vulnerability in Obihai OBi1022

06-19-19

Security Advisory Version 1.1

Insufficient Authentication Resulting in Information Leakage on VVX Products

06-14-19

Security Advisory Version 1.1

Hard Coded Credentials Vulnerability in VVX Products

04-26-19

Security Advisory Version 1.0

Multiple Vulnerabilities in HDX Products Older than 3.1.14

02-20-19

Security Bulletin Version 1.0

HDX (versions older than 3.1.13) can be affected by multiple Botnets

01-24-19

Security Advisory Version 1.1

Cyber Threats Targeting Default Passwords

11-30-18

Security Bulletin Version 1.1

TLS 1.2 and Microsoft O365 Impacts to Polycom Products

11-05-18

Security Bulletin Version 1.0

Bluetooth Authentication Weakness Found in Trio

11-05-18

Security Bulletin Version 1.0

Stored Cross-Site Scripting Found in Trio

11-01-18

Security Bulletin Version 1.0

Remote Code Execution Vulnerability Found in Group Series

08-10-18

Security Bulletin Version 1.1

HDX SoftwareVersions Older than 3.1.12 and Omni Botnet

07-12-18

Security Advisory Version 1.9

Processor Based “Speculative Execution” Vulnerabilities AKA “Spectre” and “Meltdown” on Polycom Products

07-11-18

Security Advisory Version 1.2

Vulnerabilities in Polycom VVX Phones and UC Software

07-03-18

Security Advisory Version 1.0

Polycom UCS Software Vulnerabilities

06-26-18

Security Advisory Version 1.1

RealPresence Web Suite Vulnerability

05-10-18

Security Advisory Version 1.0

RealPresence Debut Vulnerabilities

03-05-18

Security Advisory Version 1.0

QDX 6000 Vulnerabilities

12-20-17

Security Advisory Version 1.2

“Krack” Vulnerability with Polycom Products

11-24-17

Security Advisory Version 1.2

Remote Code Execution on HDX Endpoints

10-18-17

Security Advisory Version 1.1

BlueBorne Bluetooth Vulnerabilities

08-28-17

Security Advisory Version 1.0

Information Disclosure on Multiple Polycom Products

08-11-17

Security Bulletin Version 1.1

WannaCry Vulnerability and Polycom Products

06-14-17

Security Bulletin Version 1.0

Relating to CVE-2017-7494 “SambaCry” Vulnerability and Polycom Products

03-22-17

Security Bulletin Version 1.0

Relating to CVE-2017-5638 “Apache Struts” Vulnerability and Polycom Products

10-26-16

Security Advisory Version 1.1

Relating to CVE-2016-5195 “Dirty COW” Vulnerability

09-20-16

Security Advisory Version 2.0

Relating to a Cross-site Scripting (XSS) Vulnerability in Polycom HDX Video Endpoints

09-13-16

Security Advisory Version 1.0

Relating to an XML External Entity (XXE) Vulnerability in Polycom HDX Video Endpoints)

04-06-16

Security Advisory Version 1.2

Relating to a GNU glibc DNS Vulnerability (CVE-2015-7547)

03-08-16

Security Bulletin Version 1.0

Relating to CVE-2016-0800 “DROWN” Vulnerability and Polycom Products

02-09-16

Security Office Update 2.0

Security Update Relating to H.323 and SIP AES Media Encryption on Polycom Products

12-16-15

Security Advisory Version 1.0

Relating to RealPresence Capture Server and RealPresence Media Suite Appliance Editions

12-09-15

Security Advisory Version 1.0

Relating to Path Traversal Vulnerabilities in Polycom VVX Business Media Phones

10-23-15

Security Advisory Version 2.0

Relating to GHOST glibc Vulnerability

10-23-15

Security Advisory Version 1.6.1

Relating to Logjam Vulnerability

06-29-15

Security Bulletin Version 1.0

RealPresence Resource Manager 8.4 security fixes summary

06-23-15

Security Advisory Version 1.0

Relating to Command Shell Vulnerability in Polycom Group Series Video Endpoints

06-23-15

Security Advisory Version 1.0

Relating to Inadequate SSH Restrictions Vulnerability in Polycom Group Series Video Endpoints

06-23-15

Security Advisory Version 1.0

Relating to Software Update Vulnerability in Polycom Group Series Video Endpoints

06-23-15

Security Advisory Version 1.0

Relating to Weak Entropy Vulnerability in Polycom Group Series Video Endpoints Web Cookies

06-17-15

Security Bulletin Version 1.0

Relating to “Tomcat Denial of Service”

06-15-15

Security Bulletin Version 1.0

Relating to Leap Second Insertion

04-20-15

Security Bulletin Version 1.6

Relating to SSLv3 “POODLE” Vulnerability and Polycom Products

10-24-14

Security Advisory Version 1.7

Relating to Bash shell arbitrary code execution on Various Polycom Products

10-06-14

Security Bulletin Version 1.2

Relating to Multiple OpenSSL Vulnerabilities on Various Polycom Products

06-05-14

Security Advisory Version 1.12

Relating to OpenSSL Vulnerability “Heartbleed” on Various Polycom Products

12-20-13

Security Bulletin 5471

Relating to JBoss Application Server on RealPresence Resource Manager

03-14-13

Security Bulletin 102404

Security Advisory relating to telnet shell authorization bypass on Polycom HDX Video Endpoints

03-14-13

Security Bulletin 107522

Security Advisory Relating to the Firmware Update Command Injection Vulnerability on Polycom HDX Video Endpoints

03-14-13

Security Bulletin 107523

Security Advisory Relating to the Command Shell Vulnerability on Polycom HDX Video Endpoints

03-14-13

Security Bulletin 107524

Security Advisory Relating to the H.323 Format String Vulnerability on Polycom HDX Video Endpoints

03-14-13

Security Bulletin 107525

Security Advisory Relating to the H.323 CDR Database SQL Injection on Polycom HDX Video Endpoints

03-14-13

Security Bulletin 107526

Security Advisory Relating to the PUP File Header MAC Signature Bypass on Polycom HDX Video Endpoints

Related news

DiCal-RED 4009 Outdated Third Party Components

DiCal-RED version 4009 makes use of unmaintained third party components with their own vulnerabilities.

RedJuliett Cyber Espionage Campaign Hits 75 Taiwanese Organizations

A likely China-linked state-sponsored threat actor has been linked to a cyber espionage campaign targeting government, academic, technology, and diplomatic organizations in Taiwan between November 2023 and April 2024. Recorded Future's Insikt Group is tracking the activity under the name RedJuliett, describing it as a cluster that operates Fuzhou, China, to support Beijing's intelligence

New ‘NKAbuse’ Linux Malware Uses Blockchain Technology to Spread

By Deeba Ahmed The malware, dubbed NKAbuse, uses New Kind of Network (NKN) technology, a blockchain-powered peer-to-peer network protocol to spread its infection. This is a post from HackRead.com Read the original post: New ‘NKAbuse’ Linux Malware Uses Blockchain Technology to Spread

New NKAbuse Malware Exploits NKN Blockchain Tech for DDoS Attacks

A novel multi-platform threat called NKAbuse has been discovered using a decentralized, peer-to-peer network connectivity protocol known as NKN (short for New Kind of Network) as a communications channel. "The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and backdoor capabilities," Russian

CVE-2023-47579: Vulnerability Report

Relyum RELY-PCIe 22.2.1 devices suffer from a system group misconfiguration, allowing read access to the central password hash file of the operating system.

New Critical RCE Vulnerability Discovered in Apache Struts 2 - Patch Now

Apache has released a security advisory warning of a critical security flaw in the Struts 2 open-source web application framework that could result in remote code execution. Tracked as CVE-2023-50164, the vulnerability is rooted in a flawed "file upload logic" that could enable unauthorized path traversal and could be exploited under the circumstances to upload a malicious file

Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers

A financially motivated threat actor has been outed as an initial access broker (IAB) that sells access to compromised organizations for other adversaries to conduct follow-on attacks such as ransomware. SecureWorks Counter Threat Unit (CTU) has dubbed the e-crime group Gold Melody, which is also known by the names Prophet Spider (CrowdStrike) and UNC961 (Mandiant). "This financially motivated

Ransomware's Favorite Target: Critical Infrastructure and Its Industrial Control Systems

The health, manufacturing, and energy sectors are the most vulnerable to ransomware.

AppSec Playbook 2023: Study of 829M Attacks on 1,400 Websites

The total number of 61,000 open vulnerabilities, including 1,700 critical ones that have been open for 180+ days, exposes businesses to potential attacks.

CVE-2022-2590: [PATCH v1] mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local user to gain write access to read-only memory mappings, increasing their privileges on the system.

CVE-2022-32985: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series

libnx_apl.so on Nexans FTTO GigaSwitch before 6.02N and 7.x before 7.02 implements a Backdoor Account for SSH logins on port 50200 or 50201.

CVE-2022-32535: Multiple Vulnerabilities PRA-ES8P2S Ethernet-Switch

The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch.

Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor

Nexans FTTO GigaSwitch industrial/office switches HW version 5 suffer from having a hardcoded backdoor user and multiple outdated vulnerable software components.

Poly EagleEye Director II 2.2.1.1 Command Injection / Authentication Bypass

Poly EagleEye Director II version 2.2.1.1 suffers from multiple authenticated remote command injection vulnerabilities as well as an authentication bypass vulnerability.

CVE-2022-29855: Security Advisories

Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.

CVE-2022-29855: Security Advisories

Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.

CVE-2022-29855: Security Advisories

Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.

CVE-2022-29855: Security Advisories

Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.

CVE-2022-29855: Security Advisories

Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.

CVE-2022-29855: Security Advisories

Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.

CVE-2022-29855: Security Advisories

Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.

CVE-2022-29855: Security Advisories

Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.

CVE-2018-3064: CPU July 2018

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).

CVE-2018-2637: Oracle Critical Patch Update - January 2018

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/A...

CVE-2017-5711: Security Center

Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.

CVE-2017-3636: Oracle Critical Patch Update Advisory - July 2017

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).

CVE-2017-7494: Samba - Security Announcement Archive

Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.

CVE-2017-3600: Oracle Critical Patch Update Advisory - April 2017

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).

CVE-2016-5195

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

CVE-2016-3471: Oracle Critical Patch Update - July 2016

Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Option.

CVE-2016-0642: Oracle Critical Patch Update Advisory - April 2016

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.

CVE-2015-7547: USN-2900-1: GNU C Library vulnerability | Ubuntu security notices | Ubuntu

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907