Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Avalanche
(Ivanti)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 114 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-01-25 | CVE-2023-41474 | Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated attacker to obtain sensitive information via the javax.faces.resource component. | Avalanche | 6.5 | ||
| 2023-12-19 | CVE-2023-41727 | An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | Avalanche | 9.8 | ||
| 2023-12-19 | CVE-2023-46257 | An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | Avalanche | 9.8 | ||
| 2024-04-19 | CVE-2024-22061 | A Heap Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows a remote unauthenticated attacker to execute arbitrary commands | Avalanche | 9.8 |