Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNNVD
CNNVDadded 2023/11/03 12:0 a.m.1 views

Ivanti Avalanche security breach

Ivanti Avalanche is an enterprise mobile device management system from Ivanti, USA. The system is primarily used to manage devices such as smartphones, tablets, and barcode scanners. A security vulnerability exists in Ivanti Avalanche, which is caused by an Unrestricted File Upload Local Privileg...

7.8CVSS6.8AI score0.00101EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2023/05/30 12:0 a.m.2 views

PT-2023-8010 · Ivanti · Ivanti Avalanche Enterpriseserver Service

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche EnterpriseServer Service affected versions not specified Description: The issue is related to an unrestricted file upload vulnerability in the Ivanti Avalanche EnterpriseServer Service, which can be exploited to elevate...

7.8CVSS7.7AI score0.00101EPSS
Exploits0References7
Vulnrichment
Vulnrichmentadded 2023/03/29 12:0 a.m.6 views

CVE-2022-36980

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9.4CVSS8.2AI score0.15273EPSS
Exploits0References2
Cvelist
Cvelistadded 2023/03/29 12:0 a.m.11 views

CVE-2022-36980

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9.4CVSS8.4AI score0.15273EPSS
Exploits0References2
CVE
CVEadded 2023/03/29 12:0 a.m.66 views

CVE-2022-36980

CVE-2022-36980 affects Ivanti Avalanche 6.3.2.3490. The vulnerability is an authentication bypass in the EnterpriseServer service caused by lack of proper locking during authentication, enabling remote attackers to bypass authentication. Connected sources identify ZDI-22-785 and related advisorie...

9.4CVSS8.5AI score0.15273EPSS
Exploits0References2Affected Software1
Zero Day Initiative
Zero Day Initiativeadded 2022/05/26 12:0 a.m.21 views

Ivanti Avalanche EnterpriseServer Service Race Condition Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the EnterpriseServer service...

9.4CVSS1.5AI score0.15273EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2022/05/26 12:0 a.m.1 views

PT-2022-23724 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche version 6.3.2.3490 Description: This issue allows remote attackers to bypass authentication on affected installations. Although authentication is required to exploit this issue, the existing authentication mechanism can be...

9.4CVSS8.9AI score0.15273EPSS
Exploits0References4
Rows per page
Query Builder