Vulnerabilities > Ivanti > Avalanche > 6.1.103.53
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-08 | CVE-2024-47008 | Server-Side Request Forgery (SSRF) vulnerability in Ivanti Avalanche Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information. | 7.5 |
| 2024-10-08 | CVE-2024-47009 | Path Traversal vulnerability in Ivanti Avalanche Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication. | 9.8 |
| 2024-10-08 | CVE-2024-47010 | Path Traversal vulnerability in Ivanti Avalanche Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication. | 9.8 |
| 2024-10-08 | CVE-2024-47011 | Path Traversal vulnerability in Ivanti Avalanche Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information | 7.5 |
| 2023-12-19 | CVE-2021-22962 | Unspecified vulnerability in Ivanti Avalanche An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. | 9.1 |
| 2023-12-19 | CVE-2023-41727 | Out-of-bounds Write vulnerability in Ivanti Avalanche An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | 9.8 |
| 2023-12-19 | CVE-2023-46216 | Out-of-bounds Write vulnerability in Ivanti Avalanche An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | 9.8 |
| 2023-12-19 | CVE-2023-46217 | Out-of-bounds Write vulnerability in Ivanti Avalanche An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | 9.8 |
| 2023-12-19 | CVE-2023-46220 | Out-of-bounds Write vulnerability in Ivanti Avalanche An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | 9.8 |
| 2023-12-19 | CVE-2023-46221 | Out-of-bounds Write vulnerability in Ivanti Avalanche An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | 9.8 |