Lucene search
K

283 matches found

NVD
NVD
added 2024/05/31 6:15 p.m.22 views

CVE-2024-29848

An unrestricted file upload vulnerability in web component of Ivanti Avalanche before 6.4.x allows an authenticated, privileged user to execute arbitrary commands as SYSTEM...

7.2CVSS7.3AI score0.64423EPSS
Exploits0References2
NVD
NVD
added 2024/05/31 6:15 p.m.15 views

CVE-2024-22059

A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote authenticated user to read/modify/delete information in the underlying database. This may also lead to DoS...

8.8CVSS8.6AI score0.0107EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/31 5:38 p.m.40 views

CVE-2024-22059

A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote authenticated user to read/modify/delete information in the underlying database. This may also lead to DoS...

8.8CVSS8.6AI score0.0107EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/31 5:38 p.m.35 views

CVE-2024-22060

An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a remote, authenticated, high privileged user to write arbitrary files into sensitive directories of ITSM server...

8.7CVSS8.4AI score0.01116EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/31 12:0 a.m.2 views

Ivanti Neurons SQL Injection Vulnerability

Ivanti Neurons is a groundbreaking platform from US-based Ivanti that simplifies and automates IT systems. Ivanti Neurons for ITSM suffers from a SQL injection vulnerability that originates from a SQL injection vulnerability in a web component that allows a remote authenticated user to read,...

8.8CVSS7.6AI score0.0107EPSS
Exploits0References2
NVD
NVD
added 2024/05/22 11:15 p.m.23 views

CVE-2023-46806

An SQL Injection vulnerability in a web component of EPMM versions before 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database...

6.7CVSS6.8AI score0.00972EPSS
Exploits0References1
NVD
NVD
added 2024/05/22 11:15 p.m.21 views

CVE-2023-46807

An SQL Injection vulnerability in web component of EPMM before 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database...

6.7CVSS6.9AI score0.01054EPSS
Exploits0References1
OSV
OSV
added 2024/05/22 11:15 p.m.3 views

CVE-2023-46807

An SQL Injection vulnerability in web component of EPMM before 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database...

6.7CVSS5.8AI score0.01054EPSS
Exploits0References1
OSV
OSV
added 2024/05/22 11:15 p.m.4 views

CVE-2023-46806

An SQL Injection vulnerability in a web component of EPMM versions before 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database...

6.7CVSS6.9AI score0.00972EPSS
Exploits0References1
CVE
CVE
added 2024/05/22 10:55 p.m.59 views

CVE-2023-46806

Summary : CVE-2023-46806 is an SQL Injection vulnerability in Ivanti EPMM (Endpoint Manager Mobile) reported to affect versions prior to 12.1.0.0. The flaw exists in a web component and can be triggered by an authenticated user with appropriate privileges to read or modify data in the underlying ...

6.7CVSS7.8AI score0.00972EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/05/22 12:0 a.m.4 views

Ivanti Endpoint Manager Mobile 安全漏洞

Ivanti Endpoint Manager Mobile Ivanti EPMM is a mobile management software engine from Ivanti Corporation, USA. A security vulnerability exists in Ivanti Endpoint Manager Mobile EPMM versions prior to 12.1.0.0, which originates from an SQL injection in the web component that allows an authenticat...

6.7CVSS7.2AI score0.00972EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/20 12:0 a.m.4 views

PT-2024-4021 · Ivanti · Ivanti Neurons For Itsm

Name of the Vulnerable Software and Affected Versions: Ivanti Neurons for ITSM affected versions not specified Description: The issue is related to a SQL injection vulnerability in the web component of Ivanti Neurons for ITSM, due to inadequate protection of the SQL query structure. This...

9CVSS8.8AI score0.01116EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/05/20 12:0 a.m.11 views

PT-2024-4036 · Ivanti · Ivanti Neurons For Itsm

Name of the Vulnerable Software and Affected Versions: Ivanti Neurons for ITSM affected versions not specified Description: The issue is related to an unrestricted file upload vulnerability in the web component of Ivanti Neurons for ITSM. This vulnerability allows a remote, authenticated,...

8.8CVSS8.6AI score0.01116EPSS
Exploits0References8
NVD
NVD
added 2024/04/25 6:15 a.m.19 views

CVE-2024-29205

An Improper Check for Unusual or Exceptional Conditions vulnerability in the web component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure 9.x, 22.x allows a remote unauthenticated attacker to send specially crafted requests in-order-to cause service disruptions...

7.5CVSS7.5AI score0.01581EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/24 11:12 p.m.30 views

CVE-2024-29205

An Improper Check for Unusual or Exceptional Conditions vulnerability in the web component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure 9.x, 22.x allows a remote unauthenticated attacker to send specially crafted requests in-order-to cause service disruptions...

7.5CVSS7.7AI score0.01581EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/22 12:0 a.m.10 views

PT-2024-3223 · D Link · D-Link Dap-3662 +9

Name of the Vulnerable Software and Affected Versions: D-Link DAP products versions DAP-2230, DAP-2310, DAP-2330, DAP-2360, DAP-2553, DAP-2590, DAP-2690, DAP-2695, DAP-3520, DAP-3662 Description: The issue is related to a Cross Site Scripting vulnerability in the session login.php component of...

10CVSS7AI score0.00615EPSS
Exploits0References9
OSV
OSV
added 2024/04/19 2:15 a.m.3 views

CVE-2024-27976

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM...

8.8CVSS6AI score0.03237EPSS
Exploits0References1
OSV
OSV
added 2024/04/19 2:15 a.m.1 views

CVE-2024-27977

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to delete arbitrary files, thereby leading to Denial-of-Service...

8.1CVSS5.9AI score0.01807EPSS
Exploits0References1
NVD
NVD
added 2024/04/19 2:15 a.m.16 views

CVE-2024-25000

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM...

8.8CVSS8.8AI score0.03048EPSS
Exploits0References1
OSV
OSV
added 2024/04/19 2:15 a.m.4 views

CVE-2024-24999

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM...

8.8CVSS6AI score0.02851EPSS
Exploits0References1
Rows per page
Query Builder