CVE-2019-9230 (mediant_500-mbsr_firmware, mediant_500l-msbr_firmware, mediant_800c-msbr_firmware, mediant_m800b-msbr_firmware)

An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.253. A cross-site scripting (XSS) vulnerability in the search function of the management web interface allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.

View Full Alert

CVE-2018-15520 (cx421_firmware, cx522_firmware, cx62x_firmware, cx72x_firmware, cx82x_firmware, cx860_firmware, cx92x_firmware, mb2338_firmware, mb2442_firmware, mb2546_firmware, mb2650_firmware, mb2770_firmware, mc2325_firmware, mc2425_firmware, mc2535_firmware, mc2640_firmware, mx321_firmware, mx42x_firmware, mx52x_firmware, mx622_firmware, mx72x_firmware, mx82x_firmware, xc2235_firmware, xc41x0_firmware, xc4240_firmware, xc6152_firmware, xc8155_firmware, xc8160_firmware, xc92x5_firmware, xm124x_firmware, xm3250_firmware, xm5370_firmware, xm7355_firmware, xm7370_firmware)
Various Lexmark devices have a Buffer Overflow (issue 2 of 2). View Full Alert
CVE-2018-15519 (6500_firmware, cx310_firmware, cx410_firmware, cx510_firmware, mx31x_firmware, mx41x_firmware, mx51x_firmware, mx61x_firmware, mx6500_firmware, mx71x_firmware, mx81x_firmware, mx91x_firmware, x46x_firmware, x54x_firmware, x65x_firmware, x73x_firmware, x74x_firmware, x79x_firmware, x86x_firmware, x92x_firmware, x95x_firmware, xc2132_firmware, xm1145_firmware, xm3150_firmware, xm51xx_firmware, xm71xx_firmware, xm91x_firmware, xs54x_firmware, xs74x_firmware, xs79x_firmware, xs92x_firmware, xs95x_firmware)
Various Lexmark devices have a Buffer Overflow (issue 1 of 2). View Full Alert
CVE-2018-7838 (bmeh582040_firmware, bmeh586040_firmware, bmenoc0301_firmware, bmep581020_firmware, bmep582020_firmware, bmep582040_firmware, bmep582040s_firmware, bmep583020_firmware, bmep583040_firmware, bmep584020_firmware, bmep584040_firmware, bmep585040_firmware, bmep586040_firmware)
A CWE-119 Buffer Errors vulnerability exists in Modicon M580 CPU - BMEP582040, all versions before V2.90, and Modicon Ethernet Module BMENOC0301, all versions before V2.16, which could cause denial of…

Related Posts