283 matches found
CVE-2024-29848
An unrestricted file upload vulnerability in web component of Ivanti Avalanche before 6.4.x allows an authenticated, privileged user to execute arbitrary commands as SYSTEM...
CVE-2024-22059
A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote authenticated user to read/modify/delete information in the underlying database. This may also lead to DoS...
CVE-2024-22059
A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote authenticated user to read/modify/delete information in the underlying database. This may also lead to DoS...
CVE-2024-22060
An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a remote, authenticated, high privileged user to write arbitrary files into sensitive directories of ITSM server...
Ivanti Neurons SQL Injection Vulnerability
Ivanti Neurons is a groundbreaking platform from US-based Ivanti that simplifies and automates IT systems. Ivanti Neurons for ITSM suffers from a SQL injection vulnerability that originates from a SQL injection vulnerability in a web component that allows a remote authenticated user to read,...
CVE-2023-46806
An SQL Injection vulnerability in a web component of EPMM versions before 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database...
CVE-2023-46807
An SQL Injection vulnerability in web component of EPMM before 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database...
CVE-2023-46807
An SQL Injection vulnerability in web component of EPMM before 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database...
CVE-2023-46806
An SQL Injection vulnerability in a web component of EPMM versions before 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database...
CVE-2023-46806
Summary : CVE-2023-46806 is an SQL Injection vulnerability in Ivanti EPMM (Endpoint Manager Mobile) reported to affect versions prior to 12.1.0.0. The flaw exists in a web component and can be triggered by an authenticated user with appropriate privileges to read or modify data in the underlying ...
Ivanti Endpoint Manager Mobile 安全漏洞
Ivanti Endpoint Manager Mobile Ivanti EPMM is a mobile management software engine from Ivanti Corporation, USA. A security vulnerability exists in Ivanti Endpoint Manager Mobile EPMM versions prior to 12.1.0.0, which originates from an SQL injection in the web component that allows an authenticat...
PT-2024-4021 · Ivanti · Ivanti Neurons For Itsm
Name of the Vulnerable Software and Affected Versions: Ivanti Neurons for ITSM affected versions not specified Description: The issue is related to a SQL injection vulnerability in the web component of Ivanti Neurons for ITSM, due to inadequate protection of the SQL query structure. This...
PT-2024-4036 · Ivanti · Ivanti Neurons For Itsm
Name of the Vulnerable Software and Affected Versions: Ivanti Neurons for ITSM affected versions not specified Description: The issue is related to an unrestricted file upload vulnerability in the web component of Ivanti Neurons for ITSM. This vulnerability allows a remote, authenticated,...
CVE-2024-29205
An Improper Check for Unusual or Exceptional Conditions vulnerability in the web component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure 9.x, 22.x allows a remote unauthenticated attacker to send specially crafted requests in-order-to cause service disruptions...
CVE-2024-29205
An Improper Check for Unusual or Exceptional Conditions vulnerability in the web component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure 9.x, 22.x allows a remote unauthenticated attacker to send specially crafted requests in-order-to cause service disruptions...
PT-2024-3223 · D Link · D-Link Dap-3662 +9
Name of the Vulnerable Software and Affected Versions: D-Link DAP products versions DAP-2230, DAP-2310, DAP-2330, DAP-2360, DAP-2553, DAP-2590, DAP-2690, DAP-2695, DAP-3520, DAP-3662 Description: The issue is related to a Cross Site Scripting vulnerability in the session login.php component of...
CVE-2024-27976
A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM...
CVE-2024-27977
A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to delete arbitrary files, thereby leading to Denial-of-Service...
CVE-2024-25000
A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM...
CVE-2024-24999
A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM...