Vulnerabilities (CVE)

Filtered by vendor Ivanti Subscribe
Filtered by product Avalanche
Total 82 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-36136 1 Ivanti 1 Avalanche 2024-08-15 N/A 7.5 HIGH
An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.
CVE-2023-46223 2 Ivanti, Microsoft 2 Avalanche, Windows 2024-08-01 N/A 9.8 CRITICAL
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2021-22962 1 Ivanti 1 Avalanche 2024-02-28 N/A 9.1 CRITICAL
An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack.
CVE-2023-46217 2 Ivanti, Microsoft 2 Avalanche, Windows 2024-02-28 N/A 9.8 CRITICAL
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46261 2 Ivanti, Microsoft 2 Avalanche, Windows 2024-02-28 N/A 9.8 CRITICAL
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46259 2 Ivanti, Microsoft 2 Avalanche, Windows 2024-02-28 N/A 9.8 CRITICAL
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-41727 2 Ivanti, Microsoft 2 Avalanche, Windows 2024-02-28 N/A 9.8 CRITICAL
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46803 2 Ivanti, Microsoft 2 Avalanche, Windows 2024-02-28 N/A 7.5 HIGH
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS).
CVE-2023-46257 2 Ivanti, Microsoft 2 Avalanche, Windows 2024-02-28 N/A 9.8 CRITICAL
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46263 2 Ivanti, Microsoft 2 Avalanche, Windows 2024-02-28 N/A 9.8 CRITICAL
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remote code execution.
CVE-2023-46225 2 Ivanti, Microsoft 2 Avalanche, Windows 2024-02-28 N/A 9.8 CRITICAL
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-41474 1 Ivanti 1 Avalanche 2024-02-28 N/A 6.5 MEDIUM
Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated attacker to obtain sensitive information via the javax.faces.resource component.
CVE-2023-46804 2 Ivanti, Microsoft 2 Avalanche, Windows 2024-02-28 N/A 7.5 HIGH
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS).
CVE-2023-46260 2 Ivanti, Microsoft 2 Avalanche, Windows 2024-02-28 N/A 9.8 CRITICAL
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46220 2 Ivanti, Microsoft 2 Avalanche, Windows 2024-02-28 N/A 9.8 CRITICAL
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46266 1 Ivanti 1 Avalanche 2024-02-28 N/A 9.1 CRITICAL
An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack.
CVE-2023-46222 2 Ivanti, Microsoft 2 Avalanche, Windows 2024-02-28 N/A 9.8 CRITICAL
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46264 2 Ivanti, Microsoft 2 Avalanche, Windows 2024-02-28 N/A 9.8 CRITICAL
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution.
CVE-2023-46221 2 Ivanti, Microsoft 2 Avalanche, Windows 2024-02-28 N/A 9.8 CRITICAL
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46216 2 Ivanti, Microsoft 2 Avalanche, Windows 2024-02-28 N/A 9.8 CRITICAL
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.