Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ivanti avalanche vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-36982
This vulnerability allows remote malicious users to read arbitrary files on affected installations of Ivanti Avalanche 6.3.3.101. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists wit...
Ivanti Avalanche
NA
CVE-2022-44574
An improper authentication vulnerability exists in Avalanche version 6.3.x and below allows unauthenticated malicious user to modify properties on specific port.
Ivanti Avalanche
NA
CVE-2023-46803
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS).
Ivanti Avalanche
NA
CVE-2023-46804
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS).
Ivanti Avalanche
NA
CVE-2023-41474
Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated malicious user to obtain sensitive information via the javax.faces.resource component.
Ivanti Avalanche 6.3.4.153
1 Github repository
446
VMScore
CVE-2021-30497
Ivanti Avalanche (Premise) 6.3.2 allows remote unauthenticated users to read arbitrary files via Absolute Path Traversal. The imageFilePath parameter processed by the /AvalancheWeb/image endpoint is not verified to be within the scope of the image folder, e.g., the attacker can o...
Ivanti Avalanche 6.3.2
668
VMScore
CVE-2020-12442
Ivanti Avalanche 6.3 allows a SQL injection that is vaguely associated with the Apache HTTP Server, aka Bug 683250.
Ivanti Avalanche 6.3
NA
CVE-2023-35081
A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance.
Ivanti Endpoint Manager Mobile
1 Github repository
3 Articles
NA
CVE-2023-35078
An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication.
Ivanti Endpoint Manager Mobile
9 Github repositories
4 Articles
NA
CVE-2024-24992
A Path Traversal vulnerability in web component of Ivanti Avalanche prior to 6.4.3 allows a remote authenticated malicious user to execute arbitrary commands as SYSTEM.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »