79 matches found
EUVD-2025-4984
Malicious code in bioql PyPI...
EUVD-2024-49899
Malicious code in bioql PyPI...
EUVD-2024-34196
Malicious code in bioql PyPI...
Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms
The French cybersecurity agency on Tuesday revealed that a number of entities spanning governmental, telecommunications, media, finance, and transport sectors in the country were impacted by a malicious campaign undertaken by a Chinese hacking group by weaponizing several zero-day vulnerabilities...
CVE-2024-9379
SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements...
Ivanti CSA Path Traversal Vulnerability
Ivanti CSA is a locally deployed virtual appliance designed to simplify and enhance the integration of Ivanti products with cloud services. The Ivanti CSA suffers from a path traversal vulnerability that arises when the program fails to properly filter special elements in the path of a resource o...
Ivanti CSA OS Command Injection Vulnerability
Ivanti CSA is a locally deployed virtual appliance designed to simplify and enhance the integration of Ivanti products with cloud services. The Ivanti CSA suffers from an OS command injection vulnerability that stems from the application failing to properly filter constructed command special...
CVE-2024-11771
Path traversal in Ivanti CSA before version 5.0.5 allows a remote unauthenticated attacker to access restricted functionality...
CVE-2024-47908
OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution...
CVE-2024-47908
OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution...
CVE-2024-47908
OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution...
CVE-2024-47908
OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution...
CVE-2024-11771
Path traversal in Ivanti CSA before version 5.0.5 allows a remote unauthenticated attacker to access restricted functionality...
CVE-2024-11771
Path traversal in Ivanti CSA before version 5.0.5 allows a remote unauthenticated attacker to access restricted functionality...
CVE-2024-11771
Path traversal in Ivanti CSA before version 5.0.5 allows a remote unauthenticated attacker to access restricted functionality...
CVE-2024-11771
Ivanti CSA (Cloud Services Appliance) is affected by CVE-2024-11771: a path traversal vulnerability in versions before 5.0.5 allows a remote unauthenticated attacker to access restricted functionality. The CVSS v3.1 base score is 5.3 (Medium); attack vector NETWORK, no privileges required, no use...
CVE-2024-11771
Path traversal in Ivanti CSA before version 5.0.5 allows a remote unauthenticated attacker to access restricted functionality...
CVE-2024-47908
Ivanti CSA pre-5.0.5 contains an OS command injection in the admin web console. An authenticated admin can remotely execute arbitrary commands, enabling remote code execution. Public advisories list the affected condition as path traversal in related CVEs, but the core issue here is OS command in...
CVE-2024-47908
OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution...
CVE-2024-47908
OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution...