Alcatel-lucent CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (27 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2007-5361	1 Alcatel-lucent	1 Omnipcx	2025-04-09	N/A
The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a denial of service (loss of audio) or intercept voice communications via a crafted TFTP request containing the phone's MAC address in the filename.
CVE-2002-0293	1 Alcatel-lucent	1 Omnipcx	2025-04-03	N/A
FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file.
CVE-2002-0294	1 Alcatel-lucent	1 Omnipcx	2025-04-03	N/A
Alcatel 4400 installs the /chetc/shutdown command with setgid privileges, which allows many different local users to shut down the system.
CVE-2002-0295	1 Alcatel-lucent	1 Omnipcx	2025-04-03	N/A
Alcatel OmniPCX 4400 installs files with world-writable permissions, which allows local users to reconfigure the system and possibly gain privileges.
CVE-2003-1108	1 Alcatel-lucent	1 Omnipcx	2025-04-03	N/A
The Session Initiation Protocol (SIP) implementation in Alcatel OmniPCX Enterprise 5.0 Lx allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.
CVE-2002-1691	1 Alcatel-lucent	1 Omnipcx	2025-04-03	N/A
Alcatel OmniPCX 4400 installs known user accounts and passwords in the /etc/password file by default, which allows remote attackers to gain unauthorized access.
CVE-2024-29149	1 Alcatel-lucent	7 Ale 20, Ale 20h, Ale 30 and 4 more	2024-11-21	7.4 High
An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8_NOE-R300.1.40.12.4180 and SIP deskphones through 86x8_SIP-R200.1.01.10.728. Because of a time-of-check time-of-use vulnerability, an authenticated attacker is able to replace the verified firmware image with malicious firmware during the update process.

« first previous Page 2 of 2.