Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-29848
An unrestricted file upload vulnerability in web component of Ivanti Avalanche prior to 6.4.x allows an authenticated, privileged user to execute arbitrary commands as SYSTEM.
NA
CVE-2024-5144
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-4342. Reason: This candidate is a reservation duplicate of CVE-2024-4342. Notes: All CVE users should reference CVE-2024-4342 instead of this candidate. All references and descriptions in this ca...
NA
CVE-2024-29824
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.
NA
CVE-2023-46810
A local privilege escalation vulnerability in Ivanti Secure Access Client for Linux prior to 22.7R1, allows a low privileged user to execute code as root.
NA
CVE-2024-29825
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.
NA
CVE-2024-29827
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.
NA
CVE-2021-44534
Insufficient user input filtering leads to arbitrary file read by non-authenticated attacker, which results in sensitive information disclosure.
NA
CVE-2024-1275
Use of Default Cryptographic Key vulnerability in Baxter Welch Ally Connex Spot Monitor may allow Configuration/Environment Manipulation.This issue affects Welch Ally Connex Spot Monitor in all versions before 1.52.
NA
CVE-2024-22059
A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote authenticated user to read/modify/delete information in the underlying database. This may also lead to DoS.
NA
CVE-2024-22060
An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a remote, authenticated, high privileged user to write arbitrary files into sensitive directories of ITSM server.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »