Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gateway vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3455
A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add_postlogin.php. The manipulation of the argument SingleLoginId leads to sql injection...
6.1
CVSSv3
CVE-2024-3378
A vulnerability has been found in iboss Secure Web Gateway up to 10.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login of the component Login Portal. The manipulation of the argument redirectUrl leads to cross site scrip...
Iboss Secure Web Gateway
9.8
CVSSv3
CVE-2024-21894
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. In certain conditions this may le...
Ivanti Connect Secure 9.1
Ivanti Policy Secure 9.1
Ivanti Policy Secure 9.0
Ivanti Connect Secure 22.1
Ivanti Connect Secure 22.2
Ivanti Connect Secure 22.3
Ivanti Connect Secure 22.4
Ivanti Connect Secure 22.5
Ivanti Connect Secure 22.6
Ivanti Policy Secure 22.1
Ivanti Policy Secure 22.2
Ivanti Policy Secure 22.3
Ivanti Policy Secure 22.4
Ivanti Policy Secure 22.5
Ivanti Policy Secure 22.6
2 Github repositories
2 Articles
5.3
CVSSv3
CVE-2024-22023
An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a li...
Ivanti Connect Secure 9.1
Ivanti Policy Secure 9.1
Ivanti Policy Secure 9.0
Ivanti Connect Secure 22.1
Ivanti Connect Secure 22.2
Ivanti Connect Secure 22.3
Ivanti Connect Secure 22.4
Ivanti Connect Secure 22.5
Ivanti Connect Secure 22.6
Ivanti Policy Secure 22.1
Ivanti Policy Secure 22.2
Ivanti Policy Secure 22.3
Ivanti Policy Secure 22.4
Ivanti Policy Secure 22.5
Ivanti Policy Secure 22.6
1 Article
7.5
CVSSv3
CVE-2024-22052
A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack
Ivanti Connect Secure 9.1
Ivanti Policy Secure 9.1
Ivanti Policy Secure 9.0
Ivanti Connect Secure 22.1
Ivanti Connect Secure 22.2
Ivanti Connect Secure 22.3
Ivanti Connect Secure 22.4
Ivanti Connect Secure 22.5
Ivanti Connect Secure 22.6
Ivanti Policy Secure 22.1
Ivanti Policy Secure 22.2
Ivanti Policy Secure 22.3
Ivanti Policy Secure 22.4
Ivanti Policy Secure 22.5
Ivanti Policy Secure 22.6
1 Article
8.2
CVSSv3
CVE-2024-22053
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read conte...
Ivanti Connect Secure 9.1
Ivanti Policy Secure 9.1
Ivanti Policy Secure 9.0
Ivanti Connect Secure 22.1
Ivanti Connect Secure 22.2
Ivanti Connect Secure 22.3
Ivanti Connect Secure 22.4
Ivanti Connect Secure 22.5
Ivanti Connect Secure 22.6
Ivanti Policy Secure 22.1
Ivanti Policy Secure 22.2
Ivanti Policy Secure 22.3
Ivanti Policy Secure 22.4
Ivanti Policy Secure 22.5
Ivanti Policy Secure 22.6
1 Article
NA
CVE-2024-28787
IBM Security Verify Access 10.0.0 up to and including 10.0.7 and IBM Application Gateway 20.01 up to and including 24.03 could allow a remote malicious user to obtain highly sensitive private information or cause a denial of service using a specially crafted HTTP request. IBM X-F...
NA
CVE-2024-28520
File Upload vulnerability in Byzoro Networks Smart multi-service security gateway intelligent management platform version S210, allows an malicious user to obtain sensitive information via the uploadfile.php component.
4.9
CVSSv3
CVE-2023-50311
IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM X-Force ID: 273612.
Ibm Cics Transaction Gateway 9.2
Ibm Cics Transaction Gateway 9.3
NA
CVE-2024-30514
Insertion of Sensitive Information into Log File vulnerability in Paid Memberships Pro Paid Memberships Pro – Payfast Gateway Add On.This issue affects Paid Memberships Pro – Payfast Gateway Add On: from n/a up to and including 1.4.1.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »