Vulnerabilities > Ivanti > Avalanche

DATE CVE VULNERABILITY TITLE RISK
2024-11-12 CVE-2024-50317 NULL Pointer Dereference vulnerability in Ivanti Avalanche
A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
network
low complexity
ivanti CWE-476
7.5
2024-11-12 CVE-2024-50318 NULL Pointer Dereference vulnerability in Ivanti Avalanche
A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
network
low complexity
ivanti CWE-476
7.5
2024-11-12 CVE-2024-50319 Infinite Loop vulnerability in Ivanti Avalanche
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
network
low complexity
ivanti CWE-835
7.5
2024-11-12 CVE-2024-50320 Infinite Loop vulnerability in Ivanti Avalanche
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
network
low complexity
ivanti CWE-835
7.5
2024-11-12 CVE-2024-50321 Infinite Loop vulnerability in Ivanti Avalanche
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
network
low complexity
ivanti CWE-835
7.5
2024-11-12 CVE-2024-50331 Out-of-bounds Read vulnerability in Ivanti Avalanche
An out-of-bounds read vulnerability in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to leak sensitive information in memory.
network
low complexity
ivanti CWE-125
7.5
2024-10-08 CVE-2024-47007 NULL Pointer Dereference vulnerability in Ivanti Avalanche
A NULL pointer dereference in WLAvalancheService.exe of Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to cause a denial of service.
network
low complexity
ivanti CWE-476
7.5
2024-10-08 CVE-2024-47008 Server-Side Request Forgery (SSRF) vulnerability in Ivanti Avalanche
Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information.
network
low complexity
ivanti CWE-918
7.5
2024-10-08 CVE-2024-47009 Path Traversal vulnerability in Ivanti Avalanche
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication.
network
low complexity
ivanti CWE-22
critical
9.8
2024-10-08 CVE-2024-47010 Path Traversal vulnerability in Ivanti Avalanche
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication.
network
low complexity
ivanti CWE-22
critical
9.8