Lucene search
K

189 matches found

CVE
CVE
added 2023/12/19 3:43 p.m.40 views

CVE-2023-46225

This entry covers CVE-2023-46225 affecting Ivanti Avalanche. The vulnerability is a stack-based buffer overflow in WLAvalancheService (Mobile Device Server) that can be triggered by specially crafted data packets, causing memory corruption and potentially remote code execution or Denial of Servic...

9.8CVSS9.6AI score0.11337EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/19 3:43 p.m.12 views

CVE-2023-46265

An unauthenticated could abuse a XXE vulnerability in the Smart Device Server to leak data or perform a Server-Side Request Forgery SSRF...

6.5CVSS9.6AI score0.04004EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/19 3:43 p.m.20 views

CVE-2023-46260

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

7.5CVSS9.8AI score0.09837EPSS
Exploits0References1
CVE
CVE
added 2023/12/19 3:43 p.m.46 views

CVE-2023-46804

CVE-2023-46804 affects Ivanti Avalanche’s WLAvalancheService (Mobile Device Server) and is described in connected documents as causing memory corruption via specially crafted data packets, leading to a Denial-of-Service. The ZDI advisory attributes the root cause to an integer underflow in WLAval...

7.5CVSS7.6AI score0.04148EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/19 3:43 p.m.66 views

CVE-2023-46259

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

9.8CVSS9.8AI score0.11337EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/19 3:43 p.m.61 views

CVE-2023-46217

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

9.8CVSS9.8AI score0.36395EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/12/19 3:43 p.m.11 views

CVE-2023-46260

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

7.5CVSS7.7AI score0.09837EPSS
Exploits0References1
CVE
CVE
added 2023/12/19 3:43 p.m.42 views

CVE-2023-46261

CVE-2023-46261 affects Ivanti Avalanche via a WLInfoRailService heap-based buffer overflow. An attacker can send specially crafted packets to the Mobile Device Server, causing memory corruption that could lead to DoS or remote code execution. Public records consistently describe the vulnerability...

9.8CVSS9.6AI score0.11337EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/19 3:43 p.m.44 views

CVE-2023-46258

Ivanti Avalanche (WLAvalancheService) is affected by CVE-2023-46258. A memory corruption vulnerability can be triggered by sending specially crafted data packets to the Mobile Device Server, potentially causing a Denial of Service or remote code execution. Affected component: WLAvalancheService i...

9.8CVSS9.6AI score0.06782EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/19 3:43 p.m.50 views

CVE-2023-41727

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

9.8CVSS9.8AI score0.36395EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/19 12:0 a.m.5 views

Wavelink Avalanche Security Vulnerability

Wavelink Avalanche is a mobile device management system from Wavelink, Inc. in the United States. A security vulnerability exists in Wavelink Avalanche version 6.4.2. An attacker could exploit this vulnerability by sending specially crafted packets to the mobile device server, which could result ...

9.8CVSS7.2AI score0.09837EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/19 12:0 a.m.5 views

PT-2023-29912 · Unknown · Mobile Device Server

Name of the Vulnerable Software and Affected Versions: Mobile Device Server affected versions not specified Description: An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption, which could result in a Denial of Service DoS or code execution...

9.8CVSS9.3AI score0.36395EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/12/19 12:0 a.m.7 views

Wavelink Avalanche Security Vulnerability

Wavelink Avalanche is a mobile device management system from Wavelink, Inc. in the United States. A security vulnerability exists in Wavelink Avalanche version 6.4.2. An attacker could exploit this vulnerability by sending specially crafted packets to the mobile device server, which could result ...

9.8CVSS7.2AI score0.36395EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/19 12:0 a.m.3 views

PT-2023-29911 · Unknown · Mobile Device Server

Name of the Vulnerable Software and Affected Versions: Mobile Device Server affected versions not specified Description: An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption, which could result in a Denial of Service DoS or code execution...

9.8CVSS9.3AI score0.36395EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/12/19 12:0 a.m.3 views

Wavelink Avalanche Security Vulnerability

Wavelink Avalanche is a mobile device management system from Wavelink, Inc. in the United States. A security vulnerability exists in Wavelink Avalanche version 6.4.2. An attacker could exploit the vulnerability by sending specially crafted packets to the mobile device server, resulting in memory...

7.5CVSS6.7AI score0.04148EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/19 12:0 a.m.4 views

Wavelink Avalanche Security Vulnerability

Wavelink Avalanche is a mobile device management system from Wavelink, Inc. in the United States. A security vulnerability exists in Wavelink Avalanche version 6.4.2. An attacker could exploit the vulnerability by sending specially crafted packets to the mobile device server, resulting in memory...

7.5CVSS6.7AI score0.04148EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/19 12:0 a.m.3 views

Wavelink Avalanche Security Vulnerability

Wavelink Avalanche is a mobile device management system from Wavelink, Inc. in the United States. A security vulnerability exists in Wavelink Avalanche version 6.4.2. An attacker could exploit this vulnerability by sending specially crafted packets to the mobile device server, which could result ...

9.8CVSS7.2AI score0.11337EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/18 12:0 a.m.4 views

PT-2023-8332 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions affected versions not specified Description: The issue is related to a stack-based buffer overflow in the WLAvalancheService of the Ivanti Avalanche system, which can be exploited by an attacker sending specially...

9.8CVSS9.8AI score0.11337EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2023/12/18 12:0 a.m.6 views

PT-2023-8294 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche affected versions not specified Description: The issue is related to a Denial of Service DoS that can be caused by an attacker sending specially crafted data packets to the Mobile Device Server, resulting in memory corruption...

7.8CVSS7.6AI score0.04148EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2023/12/18 12:0 a.m.5 views

PT-2023-8293 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions affected versions not specified Description: The issue is related to insufficient exception handling in the WLAvalancheService of the Ivanti Avalanche mobile device management system. An attacker can exploit this by...

7.8CVSS7.5AI score0.04148EPSS
Exploits0References8
Rows per page
Query Builder