189 matches found
CVE-2023-46223
CVE-2023-46223 affects Ivanti Avalanche/WLAvalancheService (Mobile Device Server). The vulnerability is described as memory corruption/stack-based buffer overflow that can be triggered by specially crafted data packets, potentially enabling Denial of Service or remote code execution. Exploitation...
CVE-2023-46222
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...
CVE-2023-46223
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...
CVE-2023-46224
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...
CVE-2023-46221
CVE-2023-46221 affects Ivanti Avalanche: WLAvalancheService stack-based buffer overflow in the Mobile Device Server that can lead to memory corruption with DoS or remote code execution. Exploitation described as remote, with no authentication required in some advisories. The issue is addressed in...
CVE-2023-46225
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...
CVE-2023-46257
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...
CVE-2023-46224
Ivanti Avalanche vulnerable in WLAvalancheService: a memory corruption due to crafted data packets to the Mobile Device Server can trigger DoS or remote code execution (CVE-2023-46224). Affects Avalanche versions prior to fixed release; remediation cited by Ivanti is to update to Avalanche 6.4.2 ...
CVE-2023-41727
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...
CVE-2023-46222
Ivanti Avalanche WLAvalancheService is affected by CVE-2023-46222. The issue is a stack-based buffer/ memory corruption vulnerability in the WLAvalancheService that can be triggered by receiving specially crafted data packets over the Mobile Device Server, potentially enabling Denial of Service o...
CVE-2023-46265
Ivanti Avalanche includes CVE-2023-46265 (XXE vulnerability in the Smart Device Server) that can allow an unauthenticated attacker to leak data or perform a Server-Side Request Forgery (SSRF). The issue is tied to a decode/XML processing path and is listed among multiple related CVEs in the 6.4.2...
CVE-2023-46803
Ivanti Avalanche WLAvalancheService contains a Divide By Zero Denial-of-Service vulnerability. In Ivanti Avalanche’s WLAvalancheService (Mobile Device Server), an attacker can send specially crafted packets to trigger a memory corruption condition via an integer division error, enabling a remote ...
CVE-2023-41727
CVE-2023-41727 describes a memory corruption vulnerability in Ivanti Avalanche’s Mobile Device Server component, exploitable by specially crafted packets to cause DoS or remote code execution. Public docs tie this to Ivanti Avalanche prior to version 6.4.2 (noting a 9.8/critical impact per CVSS i...
CVE-2023-46261
CVE-2023-46261 affects Ivanti Avalanche via a WLInfoRailService heap-based buffer overflow. An attacker can send specially crafted packets to the Mobile Device Server, causing memory corruption that could lead to DoS or remote code execution. Public records consistently describe the vulnerability...
CVE-2023-46225
This entry covers CVE-2023-46225 affecting Ivanti Avalanche. The vulnerability is a stack-based buffer overflow in WLAvalancheService (Mobile Device Server) that can be triggered by specially crafted data packets, causing memory corruption and potentially remote code execution or Denial of Servic...
CVE-2023-46265
An unauthenticated could abuse a XXE vulnerability in the Smart Device Server to leak data or perform a Server-Side Request Forgery SSRF...
CVE-2023-46220
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...
CVE-2023-46260
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...
CVE-2023-46259
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...
CVE-2023-46217
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...