Vulnerabilities > Ivanti > Avalanche

DATE CVE VULNERABILITY TITLE RISK
2025-01-14 CVE-2024-13179 Path Traversal vulnerability in Ivanti Avalanche
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication.
network
low complexity
ivanti CWE-22
critical
 9.8
9.8
2025-01-14 CVE-2024-13180 Path Traversal vulnerability in Ivanti Avalanche
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to leak sensitive information.
network
low complexity
ivanti CWE-22
7.5
7.5
2025-01-14 CVE-2024-13181 Path Traversal vulnerability in Ivanti Avalanche
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication.
network
low complexity
ivanti CWE-22
critical
 9.8
9.8
2024-11-12 CVE-2024-50317 NULL Pointer Dereference vulnerability in Ivanti Avalanche
A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
network
low complexity
ivanti CWE-476
7.5
7.5
2024-11-12 CVE-2024-50318 NULL Pointer Dereference vulnerability in Ivanti Avalanche
A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
network
low complexity
ivanti CWE-476
7.5
7.5
2024-11-12 CVE-2024-50319 Infinite Loop vulnerability in Ivanti Avalanche
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
network
low complexity
ivanti CWE-835
7.5
7.5
2024-11-12 CVE-2024-50320 Infinite Loop vulnerability in Ivanti Avalanche
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
network
low complexity
ivanti CWE-835
7.5
7.5
2024-11-12 CVE-2024-50321 Infinite Loop vulnerability in Ivanti Avalanche
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
network
low complexity
ivanti CWE-835
7.5
7.5
2024-11-12 CVE-2024-50331 Out-of-bounds Read vulnerability in Ivanti Avalanche
An out-of-bounds read vulnerability in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to leak sensitive information in memory.
network
low complexity
ivanti CWE-125
7.5
7.5
2024-10-08 CVE-2024-47007 NULL Pointer Dereference vulnerability in Ivanti Avalanche
A NULL pointer dereference in WLAvalancheService.exe of Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to cause a denial of service.
network
low complexity
ivanti CWE-476
7.5
7.5