CVE-2024-24993

A Race Condition TOCTOU vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM...

Ivanti Avalanche 安全漏洞

Ivanti Avalanche is an enterprise mobile device management system from Ivanti, USA. The system is primarily used to manage devices such as smartphones, tablets and barcode scanners. A security vulnerability exists in Ivanti Avalanche prior to version 6.4.3, which stems from an out-of-bounds read...

PT-2024-2836 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions prior to 6.4.3 Description: A Heap overflow vulnerability in the WLInfoRailService component allows an unauthenticated remote attacker to execute arbitrary commands. The vulnerability is related to a heap-based buffe...

PT-2022-13997 · WordPress · Yop Poll

Name of the Vulnerable Software and Affected Versions: YOP Poll WordPress plugin versions prior to 6.4.3 Description: The issue allows bypassing IP-based limitations to vote in certain situations due to the plugin prioritizing getting a visitor's IP from certain HTTP headers over PHP's REMOTE ADD...