Lucene search
K

189 matches found

CVE
CVE
added 2023/12/19 3:43 p.m.38 views

CVE-2023-46223

CVE-2023-46223 affects Ivanti Avalanche/WLAvalancheService (Mobile Device Server). The vulnerability is described as memory corruption/stack-based buffer overflow that can be triggered by specially crafted data packets, potentially enabling Denial of Service or remote code execution. Exploitation...

9.8CVSS9.6AI score0.06782EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/19 3:43 p.m.19 views

CVE-2023-46222

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

9.8CVSS9.8AI score0.06782EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/12/19 3:43 p.m.12 views

CVE-2023-46223

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

9.8CVSS7.4AI score0.06782EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/19 3:43 p.m.15 views

CVE-2023-46224

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

9.8CVSS9.8AI score0.06782EPSS
Exploits0References1
CVE
CVE
added 2023/12/19 3:43 p.m.33 views

CVE-2023-46221

CVE-2023-46221 affects Ivanti Avalanche: WLAvalancheService stack-based buffer overflow in the Mobile Device Server that can lead to memory corruption with DoS or remote code execution. Exploitation described as remote, with no authentication required in some advisories. The issue is addressed in...

9.8CVSS9.6AI score0.06782EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/19 3:43 p.m.67 views

CVE-2023-46225

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

9.8CVSS9.8AI score0.11337EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/19 3:43 p.m.66 views

CVE-2023-46257

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

9.8CVSS9.8AI score0.11337EPSS
Exploits0References1
CVE
CVE
added 2023/12/19 3:43 p.m.43 views

CVE-2023-46224

Ivanti Avalanche vulnerable in WLAvalancheService: a memory corruption due to crafted data packets to the Mobile Device Server can trigger DoS or remote code execution (CVE-2023-46224). Affects Avalanche versions prior to fixed release; remediation cited by Ivanti is to update to Avalanche 6.4.2 ...

9.8CVSS9.6AI score0.06782EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/12/19 3:43 p.m.6 views

CVE-2023-41727

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

9.8CVSS9.7AI score0.36395EPSS
Exploits0References1
CVE
CVE
added 2023/12/19 3:43 p.m.45 views

CVE-2023-46222

Ivanti Avalanche WLAvalancheService is affected by CVE-2023-46222. The issue is a stack-based buffer/ memory corruption vulnerability in the WLAvalancheService that can be triggered by receiving specially crafted data packets over the Mobile Device Server, potentially enabling Denial of Service o...

9.8CVSS9.6AI score0.06782EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/19 3:43 p.m.45 views

CVE-2023-46265

Ivanti Avalanche includes CVE-2023-46265 (XXE vulnerability in the Smart Device Server) that can allow an unauthenticated attacker to leak data or perform a Server-Side Request Forgery (SSRF). The issue is tied to a decode/XML processing path and is listed among multiple related CVEs in the 6.4.2...

9.8CVSS6.4AI score0.04004EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/19 3:43 p.m.47 views

CVE-2023-46803

Ivanti Avalanche WLAvalancheService contains a Divide By Zero Denial-of-Service vulnerability. In Ivanti Avalanche’s WLAvalancheService (Mobile Device Server), an attacker can send specially crafted packets to trigger a memory corruption condition via an integer division error, enabling a remote ...

7.5CVSS7.6AI score0.04148EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/19 3:43 p.m.53 views

CVE-2023-41727

CVE-2023-41727 describes a memory corruption vulnerability in Ivanti Avalanche’s Mobile Device Server component, exploitable by specially crafted packets to cause DoS or remote code execution. Public docs tie this to Ivanti Avalanche prior to version 6.4.2 (noting a 9.8/critical impact per CVSS i...

9.8CVSS9.6AI score0.36395EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/19 3:43 p.m.41 views

CVE-2023-46261

CVE-2023-46261 affects Ivanti Avalanche via a WLInfoRailService heap-based buffer overflow. An attacker can send specially crafted packets to the Mobile Device Server, causing memory corruption that could lead to DoS or remote code execution. Public records consistently describe the vulnerability...

9.8CVSS9.6AI score0.11337EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/19 3:43 p.m.40 views

CVE-2023-46225

This entry covers CVE-2023-46225 affecting Ivanti Avalanche. The vulnerability is a stack-based buffer overflow in WLAvalancheService (Mobile Device Server) that can be triggered by specially crafted data packets, causing memory corruption and potentially remote code execution or Denial of Servic...

9.8CVSS9.6AI score0.11337EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/19 3:43 p.m.12 views

CVE-2023-46265

An unauthenticated could abuse a XXE vulnerability in the Smart Device Server to leak data or perform a Server-Side Request Forgery SSRF...

6.5CVSS9.6AI score0.04004EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/19 3:43 p.m.68 views

CVE-2023-46220

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

9.8CVSS9.8AI score0.11337EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/19 3:43 p.m.20 views

CVE-2023-46260

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

7.5CVSS9.8AI score0.09837EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/19 3:43 p.m.66 views

CVE-2023-46259

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

9.8CVSS9.8AI score0.11337EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/19 3:43 p.m.61 views

CVE-2023-46217

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

9.8CVSS9.8AI score0.36395EPSS
Exploits0References1
Rows per page
Query Builder