189 matches found
CVE-2023-46225
This entry covers CVE-2023-46225 affecting Ivanti Avalanche. The vulnerability is a stack-based buffer overflow in WLAvalancheService (Mobile Device Server) that can be triggered by specially crafted data packets, causing memory corruption and potentially remote code execution or Denial of Servic...
CVE-2023-46265
An unauthenticated could abuse a XXE vulnerability in the Smart Device Server to leak data or perform a Server-Side Request Forgery SSRF...
CVE-2023-46260
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...
CVE-2023-46804
CVE-2023-46804 affects Ivanti Avalanche’s WLAvalancheService (Mobile Device Server) and is described in connected documents as causing memory corruption via specially crafted data packets, leading to a Denial-of-Service. The ZDI advisory attributes the root cause to an integer underflow in WLAval...
CVE-2023-46259
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...
CVE-2023-46217
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...
CVE-2023-46260
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...
CVE-2023-46261
CVE-2023-46261 affects Ivanti Avalanche via a WLInfoRailService heap-based buffer overflow. An attacker can send specially crafted packets to the Mobile Device Server, causing memory corruption that could lead to DoS or remote code execution. Public records consistently describe the vulnerability...
CVE-2023-46258
Ivanti Avalanche (WLAvalancheService) is affected by CVE-2023-46258. A memory corruption vulnerability can be triggered by sending specially crafted data packets to the Mobile Device Server, potentially causing a Denial of Service or remote code execution. Affected component: WLAvalancheService i...
CVE-2023-41727
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...
Wavelink Avalanche Security Vulnerability
Wavelink Avalanche is a mobile device management system from Wavelink, Inc. in the United States. A security vulnerability exists in Wavelink Avalanche version 6.4.2. An attacker could exploit this vulnerability by sending specially crafted packets to the mobile device server, which could result ...
PT-2023-29912 · Unknown · Mobile Device Server
Name of the Vulnerable Software and Affected Versions: Mobile Device Server affected versions not specified Description: An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption, which could result in a Denial of Service DoS or code execution...
Wavelink Avalanche Security Vulnerability
Wavelink Avalanche is a mobile device management system from Wavelink, Inc. in the United States. A security vulnerability exists in Wavelink Avalanche version 6.4.2. An attacker could exploit this vulnerability by sending specially crafted packets to the mobile device server, which could result ...
PT-2023-29911 · Unknown · Mobile Device Server
Name of the Vulnerable Software and Affected Versions: Mobile Device Server affected versions not specified Description: An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption, which could result in a Denial of Service DoS or code execution...
Wavelink Avalanche Security Vulnerability
Wavelink Avalanche is a mobile device management system from Wavelink, Inc. in the United States. A security vulnerability exists in Wavelink Avalanche version 6.4.2. An attacker could exploit the vulnerability by sending specially crafted packets to the mobile device server, resulting in memory...
Wavelink Avalanche Security Vulnerability
Wavelink Avalanche is a mobile device management system from Wavelink, Inc. in the United States. A security vulnerability exists in Wavelink Avalanche version 6.4.2. An attacker could exploit the vulnerability by sending specially crafted packets to the mobile device server, resulting in memory...
Wavelink Avalanche Security Vulnerability
Wavelink Avalanche is a mobile device management system from Wavelink, Inc. in the United States. A security vulnerability exists in Wavelink Avalanche version 6.4.2. An attacker could exploit this vulnerability by sending specially crafted packets to the mobile device server, which could result ...
PT-2023-8332 · Ivanti · Ivanti Avalanche
Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions affected versions not specified Description: The issue is related to a stack-based buffer overflow in the WLAvalancheService of the Ivanti Avalanche system, which can be exploited by an attacker sending specially...
PT-2023-8294 · Ivanti · Ivanti Avalanche
Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche affected versions not specified Description: The issue is related to a Denial of Service DoS that can be caused by an attacker sending specially crafted data packets to the Mobile Device Server, resulting in memory corruption...
PT-2023-8293 · Ivanti · Ivanti Avalanche
Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions affected versions not specified Description: The issue is related to insufficient exception handling in the WLAvalancheService of the Ivanti Avalanche mobile device management system. An attacker can exploit this by...