Vulnerabilities > Mitel > Mivoice Business

DATE CVE VULNERABILITY TITLE RISK
2022-06-17 CVE-2022-31784 Classic Buffer Overflow vulnerability in Mitel Mivoice Business and Mivoice Business Express
A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker (that has network access to the management interface) to conduct a buffer overflow attack due to insufficient validation of URL parameters.
network
low complexity
mitel CWE-120
critical
9.8
2018-05-22 CVE-2018-3639 Information Exposure Through Discrepancy vulnerability in multiple products
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
5.5