For providers | HunCERT group

13 Nov 2024

Riasztás

NA - CVE-2024-34787 - Path traversal in Ivanti Endpoint Manager...

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User...

security-database.com

13 Nov 2024

Riasztás

NA - CVE-2024-37376 - SQL injection in Ivanti Endpoint Manager before...

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote...

security-database.com

13 Nov 2024

Riasztás

NA - CVE-2024-37398 - Insufficient validation in Ivanti Secure Access...

Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.

security-database.com

13 Nov 2024

Riasztás

NA - CVE-2024-37400 - An out of bounds read in Ivanti Connect Secure...

An out of bounds read in Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to trigger an infinite loop, causing a denial of service.

security-database.com

13 Nov 2024

Riasztás

NA - CVE-2024-38649 - An out-of-bounds write in IPsec of Ivanti...

An out-of-bounds write in IPsec of Ivanti Connect Secure before version 22.7R2.1 allows a remote unauthenticated attacker to cause a denial of service.

security-database.com

13 Nov 2024

Riasztás

NA - CVE-2024-38654 - Improper bounds checking in Ivanti Secure...

Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service.

security-database.com

13 Nov 2024

Riasztás

NA - CVE-2024-38655 - Argument injection in Ivanti Connect Secure...

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote...

security-database.com

13 Nov 2024

Riasztás

NA - CVE-2024-38656 - Argument injection in Ivanti Connect Secure...

Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to...

security-database.com

13 Nov 2024

Riasztás

NA - CVE-2024-39709 - Incorrect file permissions in Ivanti Connect...

Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 and Ivanti Policy Secure before version 22.6R1 allow a local authenticated attacker to escalate their privileges.

security-database.com

13 Nov 2024

Riasztás

NA - CVE-2024-39710 - Argument injection in Ivanti Connect Secure...

Argument injection in Ivanti Connect Secure before version 22.7R2 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to...

security-database.com

Phone:	+36 1 279 6222 9am to 4pm
E-mail:	@email
Address:	H-1111 Budapest, Kende u. 13-17.