CVE-2015-0613

HIGH Year: 2015
CVSS v2 Score
7.1
High
Weakness Type
CWE-19
View all →

Vulnerability Description

The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (core dump and restart) via crafted SIP INVITE messages, aka Bug ID CSCul20444.

Related Vulnerabilities

CVE-2012-5357

CRITICAL
CVSS:9.8(Critical)

Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote attackers to execute arbitrary code with NETWORK SERVICE p...

CWE-192012

CVE-2012-5358

CRITICAL
CVSS:9.8(Critical)

The XSLTCompiledTransform function in Ektron Content Management System (CMS) before 8.02 SP5 configures the XSL with enableDocumentFunction set to true, which allows remote attackers to read arbitrary...

CWE-192012

CVE-2014-10039

CRITICAL
CVSS:9.8(Critical)

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, SD 400, and SD 800, calling qsee_app_entry_return() without first calling qsee_app_entry() will caus...

CWE-192014

CVE-2014-9693

CRITICAL
CVSS:9.8(Critical)

Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285 V2 V100R002C00SPC115 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285H V2 V100R0...

CWE-192014

CVE-2015-3991

CRITICAL
CVSS:9.8(Critical)

strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code.

CWE-192015

CVE-2015-5344

CRITICAL
CVSS:9.8(Critical)

The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.

CWE-192015