Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-01-14 CVE-2024-13180 Path Traversal vulnerability in Ivanti Avalanche
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to leak sensitive information.
network
low complexity
ivanti CWE-22
7.5
7.5
2025-01-14 CVE-2024-13181 Path Traversal vulnerability in Ivanti Avalanche
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication.
network
low complexity
ivanti CWE-22
critical
 9.8
9.8
2025-01-14 CVE-2024-52898 IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a local user to obtain sensitive information when a detailed technical error message is returned.
local
low complexity
CWE-209
6.2
6.2
2025-01-14 CVE-2024-39759 Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-77
critical
 10.0
10
2025-01-14 CVE-2024-39760 Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-77
critical
 10.0
10
2025-01-14 CVE-2024-39761 Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-77
critical
 10.0
10
2025-01-14 CVE-2024-39762 Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-77
critical
 9.1
9.1
2025-01-14 CVE-2024-39763 Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-77
critical
 9.1
9.1
2025-01-14 CVE-2024-39764 Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-77
critical
 9.1
9.1
2025-01-14 CVE-2024-39765 Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-77
critical
 9.1
9.1