35 matches found
EUVD-2024-49599
Malicious code in bioql PyPI...
EUVD-2023-46216
Malicious code in bioql PyPI...
Ivanti Sentry 安全漏洞
Ivanti Sentry is an in-line gateway from Ivanti USA, Inc. used to manage, encrypt, and protect traffic between mobile devices and back-end enterprise systems. A security vulnerability exists in Ivanti Sentry that stems from an authenticated user being able to access Sentry-protected services, eve...
CVE-2023-41724
A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network...
CVE-2024-8540
Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 allow a local authenticated attacker to modify sensitive application components...
CVE-2024-8540
Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 allow a local authenticated attacker to modify sensitive application components...
CVE-2024-8540
Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 allow a local authenticated attacker to modify sensitive application components...
CVE-2024-8540
Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 allow a local authenticated attacker to modify sensitive application components...
CVE-2024-8540
Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 allow a local authenticated attacker to modify sensitive application components...
CVE-2024-8540
CVE-2024-8540 affects Ivanti Sentry. Insecure permissions in Ivanti Sentry before versions 9.20.2 and before 10.0.2 or 10.1.0 allow a local authenticated attacker to modify sensitive application components. Patches are available: Sentry 9.20.2, 10.0.2, and 10.1.0. This entry is supported by multi...
Security Advisory Ivanti Sentry (CVE-2024-8540)
Security Advisory Ivanti Sentry CVE-2024-8540 Summary Ivanti has released updates for Ivanti Sentry which addresses one high severity vulnerability. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability Details: CVE Number | Descriptio...
Ivanti Releases Security Updates for Multiple Products
Ivanti released security updates to address vulnerabilities in Ivanti Cloud Service Application, Ivanti Desktop and Server Management DSM, Ivanti Connect Secure and Police Secure, Ivanti Sentry, and Ivanti Patch SDK. CISA encourages users and administrators to review the following Ivanti security...
Ivanti Sentry 安全漏洞
Ivanti Sentry is an in-line gateway from Ivanti USA, Inc. It is used to manage, encrypt and protect traffic between mobile devices and back-end enterprise systems. A security vulnerability exists in Ivanti Sentry that stems from insecure privilege management. An attacker could exploit the...
PT-2024-39081 · Ivanti · Ivanti Sentry
Name of the Vulnerable Software and Affected Versions: Ivanti Sentry versions prior to 9.20.2 Ivanti Sentry versions prior to 10.0.2 Ivanti Sentry versions prior to 10.1.0 Description: The issue allows a local authenticated attacker to modify sensitive application components due to insecure...
Ivanti Sentry Authentication Bypass
Ivanti Sentry, formerly known as MobileIron Sentry, is vulnerable to an API authentication bypass on the Sentry administrator interface. A remote and unauthenticated attacker can leverage this vulnerability to gain access to sensitive APIs and achieve OS command execution as the root user on the...
VulnCheck KEV: CVE-2023-41724
A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network...
CVE-2023-41724
A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network...
CVE-2023-41724
A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network...
CVE-2023-41724
Ivanti Standalone Sentry is affected by CVE-2023-41724, a remote code execution/command-injection vulnerability in which an unauthenticated threat actor can execute arbitrary commands on the appliance’s underlying OS when on the same network. The vulnerability affects Standalone Sentry versions p...
CVE-2023-41724
A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network...