CVE-2019-12165 — CVSS 9.8 (critical): MiCollab 7.3 PR2 (7.3.0.204) and earlier, 7.2 (7.2.2.13) and earlier, and 7.1 (7.1.0.57) and earlier and MiCollab AWV 6.3 (6.3.0.103), 6.2…
CVE-2024-35314 — CVSS 9.8 (critical): A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI)…
CVE-2024-35286 — CVSS 9.8 (critical): A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection…
CVE-2024-35285 — CVSS 9.8 (critical): A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a command…
CVE-2022-41326 — CVSS 9.8 (critical): The web conferencing component of Mitel MiCollab through 9.6.0.13 could allow an unauthenticated attacker to upload arbitrary scripts due…
CVE-2022-36452 — CVSS 9.8 (critical): A vulnerability in the web conferencing component of Mitel MiCollab through 9.5.0.101 could allow an unauthenticated attacker to upload…
CVE-2021-32071 — CVSS 9.8 (critical): The MiCollab Client service in Mitel MiCollab before 9.3 could allow an unauthenticated user to gain system access due to improper access…
CVE-2024-47223 — CVSS 9.4 (critical): A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an…
CVE-2020-35547 — CVSS 9.1 (critical): A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an unauthenticated attacker to gain access (view and…
CVE-2022-36451 — CVSS 8.8 (high): A vulnerability in the MiCollab Client server component of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to…
CVE-2024-41714 — CVSS 8.8 (high): A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 (9.8.1.5) and MiVoice Business Solution Virtual Instance…
CVE-2025-52914 — CVSS 8.8 (high): A vulnerability in the Suite Applications Services component of Mitel MiCollab 10.0 through SP1 FP1 (10.0.1.101) could allow an…
CVE-2022-36453 — CVSS 8.8 (high): A vulnerability in the MiCollab Client API of Mitel MiCollab 9.1.3 through 9.5.0.101 could allow an authenticated attacker to modify their…
CVE-2024-47912 — CVSS 8.2 (high): A vulnerability in the AWV (Audio, Web, and Video) Conferencing component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an…
CVE-2020-13863 — CVSS 8.1 (high): The SAS portal of Mitel MiCollab before 9.1.3 could allow an attacker to access user data by performing a header injection in HTTP…
CVE-2024-47189 — CVSS 7.7 (high): The API Interface of the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an…
CVE-2020-25608 — CVSS 7.2 (high): The SAS portal of Mitel MiCollab before 9.2 could allow an attacker to access user credentials due to improper input validation, aka SQL…
CVE-2024-30157 — CVSS 7.2 (high): A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with…
CVE-2024-30158 — CVSS 7.2 (high): A vulnerability in the web conferencing component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with…
CVE-2024-35287 — CVSS 6.7 (medium): A vulnerability in the NuPoint Messenger (NPM) component of Mitel MiCollab through version 9.8 SP1 (9.8.1.5) could allow an authenticated…
CVE-2024-41712 — CVSS 6.6 (medium): A vulnerability in the Web Conferencing Component of Mitel MiCollab through 9.8.1.5 could allow an authenticated attacker to conduct a…
CVE-2021-27402 — CVSS 6.5 (medium): The SAS Admin portal of Mitel MiCollab before 9.2 FP2 could allow an unauthenticated attacker to access (view and modify) user data by…
CVE-2024-47224 — CVSS 6.5 (medium): A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an…
CVE-2021-32067 — CVSS 6.5 (medium): The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to view sensitive system information through an…
CVE-2022-36454 — CVSS 6.5 (medium): A vulnerability in the MiCollab Client API of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to modify their…
CVE-2021-32072 — CVSS 6.5 (medium): The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information (disclosing…
CVE-2019-19370 — CVSS 6.1 (medium): A cross-site scripting (XSS) vulnerability in the web conferencing component of the Mitel MiCollab application before 9.0.15 for Android…
CVE-2021-27401 — CVSS 6.1 (medium): The Join Meeting page of Mitel MiCollab Web Client before 9.2 FP2 could allow an attacker to access (view and modify) user data by…
CVE-2020-27340 — CVSS 6.1 (medium): The online help portal of Mitel MiCollab before 9.2 could allow an attacker to redirect a user to an unauthorized website by executing…
CVE-2020-25611 — CVSS 6.1 (medium): The AWV portal of Mitel MiCollab before 9.2 could allow an attacker to gain access to conference information by sending arbitrary code due…
CVE-2020-25606 — CVSS 6.1 (medium): The AWV component of Mitel MiCollab before 9.2 could allow an attacker to view system information by sending arbitrary code due to improper…
CVE-2023-25597 — CVSS 5.9 (medium): A vulnerability in the web conferencing component of Mitel MiCollab through 9.6.2.9 could allow an unauthenticated attacker to download a…
CVE-2020-13767 — CVSS 5.9 (medium): The Mitel MiCollab application before 9.1.332 for iOS could allow an unauthorized user to access restricted files and folders due to…
CVE-2024-35315 — CVSS 5.6 (medium): A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI)…
CVE-2018-3639 — CVSS 5.5 (medium): Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior…
CVE-2020-25609 — CVSS 5.4 (medium): The NuPoint Messenger Portal of Mitel MiCollab before 9.2 could allow an authenticated attacker to execute arbitrary scripts due to…
CVE-2021-32070 — CVSS 5.4 (medium): The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack due to an…
CVE-2020-25610 — CVSS 5.3 (medium): The AWV component of Mitel MiCollab before 9.2 could allow an attacker to gain access to a web conference due to insufficient access…
CVE-2018-18819 — CVSS 5.3 (medium): A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 (7.3.0.601) and earlier, and 8.0 (8.0.0.40) through 8.0…
CVE-2020-25612 — CVSS 4.9 (medium): The NuPoint Messenger of Mitel MiCollab before 9.2 could allow an attacker with escalated privilege to access user files due to…
CVE-2024-30160 — CVSS 4.8 (medium): A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with…
CVE-2024-30159 — CVSS 4.8 (medium): A vulnerability in the web conferencing component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with…
CVE-2021-32069 — CVSS 4.8 (medium): The AWV component of Mitel MiCollab before 9.3 could allow an attacker to perform a Man-In-the-Middle attack due to improper TLS…
CVE-2021-32068 — CVSS 3.7 (low): The AWV and MiCollab Client Service components in Mitel MiCollab before 9.3 could allow an attacker to perform a Man-In-the-Middle attack…