Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avalanche vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-32560
An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution. Thanks to a Researcher at Tenable for finding and reporting. Fixed in version 6.4.1.
Ivanti Avalanche
1 Github repository
1 Article
5.9
CVSSv3
CVE-2023-28126
An authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could allow an malicious user to gain access by exploiting the SetUser method or can exploit the Race Condition in the authentication message.
Ivanti Avalanche
7.5
CVSSv3
CVE-2022-44574
An improper authentication vulnerability exists in Avalanche version 6.3.x and below allows unauthenticated malicious user to modify properties on specific port.
Ivanti Avalanche
9.1
CVSSv3
CVE-2021-22962
An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack.
Ivanti Avalanche
7.5
CVSSv3
CVE-2023-46803
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS).
Ivanti Avalanche
7.5
CVSSv3
CVE-2023-46804
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS).
Ivanti Avalanche
9.8
CVSSv3
CVE-2023-46225
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
Ivanti Avalanche
7.5
CVSSv3
CVE-2023-32561
A previously generated artifact by an administrator could be accessed by an attacker. The contents of this artifact could lead to authentication bypass. Fixed in version 6.4.1.
Ivanti Avalanche
9.8
CVSSv3
CVE-2023-32562
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an malicious user to achieve a remove code execution. Fixed in version 6.4.1.
Ivanti Avalanche
9.8
CVSSv3
CVE-2023-32563
An unauthenticated attacker could achieve the code execution through a RemoteControl server.
Ivanti Avalanche
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »