Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-08 | CVE-2024-47009 | Path Traversal vulnerability in Ivanti Avalanche Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication. | 9.8 |
| 2024-10-08 | CVE-2024-47010 | Path Traversal vulnerability in Ivanti Avalanche Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication. | 9.8 |
| 2024-10-08 | CVE-2024-47011 | Path Traversal vulnerability in Ivanti Avalanche Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information | 7.5 |
| 2024-10-08 | CVE-2024-9379 | SQL Injection vulnerability in Ivanti Endpoint Manager Cloud Services Appliance 4.5/4.6 SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements. | 7.2 |
| 2024-10-08 | CVE-2024-9380 | OS Command Injection vulnerability in Ivanti Endpoint Manager Cloud Services Appliance 4.5/4.6 An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution. | 7.2 |
| 2024-10-08 | CVE-2024-9381 | Path Traversal vulnerability in Ivanti Endpoint Manager Cloud Services Appliance 4.5/4.6 Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions. | 7.2 |
| 2024-10-08 | CVE-2024-9620 | A flaw was found in Event-Driven Automation (EDA) in Ansible Automation Platform (AAP), which lacks encryption of sensitive information. network low complexity | 5.3 |
| 2024-10-08 | CVE-2024-9621 | A vulnerability was found in Quarkus CXF. | 5.3 |
| 2024-10-08 | CVE-2024-9622 | A vulnerability was found in the resteasy-netty4 library arising from improper handling of HTTP requests using smuggling techniques. | 5.3 |
| 2024-10-08 | CVE-2024-45230 | Unspecified vulnerability in Djangoproject Django An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. | 7.5 |