Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/02/06 2:17 a.m.18 views

CVE-2025-0282

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution...

9CVSS9.6AI score0.99971EPSS
Exploits13References1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.9 views

The vulnerability of Ivanti Connect Secure (formerly Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons for ZTA – tools for managing IT services – stems from a buffer overflow in the stack. This vulnerability allows attackers to escalate their privileges.

The vulnerability of Ivanti Connect Secure formerly Pulse Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA, which are tools for managing IT services, is related to a buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to increase their privileges...

7CVSS7.4AI score0.17108EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/01/09 12:0 a.m.6 views

The vulnerability of Ivanti Connect Secure (formerly Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons for ZTA – tools for managing IT services – stems from reading data outside of the buffer in memory. This allows attackers to execute arbitrary code.

The vulnerability of Ivanti Connect Secure formerly Pulse Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA, which are tools for managing IT services, lies in the reading of data outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitra...

9CVSS7.8AI score0.99971EPSS
Exploits13References4Affected Software3
OSV
OSV
added 2025/01/08 11:15 p.m.1 views

CVE-2025-0282

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution...

9CVSS8.1AI score0.99971EPSS
Exploits13References7
Prion
Prion
added 2024/01/31 6:15 p.m.41 views

Server side request forgery (ssrf)

A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure 9.x, 22.x and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication...

6.4CVSS7.2AI score0.99999EPSS
Exploits7References1Affected Software2
CVE
CVE
added 2024/01/31 5:51 p.m.501 views

CVE-2024-21893

Technical details about CVE-2024-21893 are not provided in the connected documents. The initial description notes an SSRF vulnerability in Ivanti products, but there are no product/version specifics or remediation details here. Monitor for updates.

8.2CVSS8.8AI score0.99999EPSS
In wildExploits5References2Affected Software2
Positive Technologies
Positive Technologies
added 2023/01/31 12:0 a.m.6 views

PT-2023-8497

Name of the Vulnerable Software and Affected Versions Ivanti Connect Secure versions 9.x through 22.x Ivanti Policy Secure versions 9.x through 22.x Ivanti Neurons for ZTA versions 9.x through 22.x Description A server-side request forgery SSRF vulnerability in the SAML component of Ivanti Connec...

8.5CVSS10AI score0.99999EPSS
Exploits5References292
Rows per page
Query Builder