Vulnerabilities > Ivanti > Avalanche > 6.4.1.207
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-25 | CVE-2024-23527 | Unspecified vulnerability in Ivanti Avalanche An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory. | 7.5 |
| 2024-04-19 | CVE-2024-22061 | Unspecified vulnerability in Ivanti Avalanche A Heap Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows a remote unauthenticated attacker to execute arbitrary commands | 9.8 |
| 2024-04-19 | CVE-2024-23526 | Unspecified vulnerability in Ivanti Avalanche An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory. | 7.5 |
| 2024-04-19 | CVE-2024-23528 | Unspecified vulnerability in Ivanti Avalanche An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory. | 7.5 |
| 2024-04-19 | CVE-2024-23529 | Unspecified vulnerability in Ivanti Avalanche An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory. | 7.5 |
| 2024-04-19 | CVE-2024-23530 | Unspecified vulnerability in Ivanti Avalanche An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory. | 7.5 |
| 2024-04-19 | CVE-2024-23531 | Unspecified vulnerability in Ivanti Avalanche An Integer Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows an unauthenticated remote attacker to perform denial of service attacks. | 7.5 |
| 2024-04-19 | CVE-2024-23532 | Unspecified vulnerability in Ivanti Avalanche An out-of-bounds Read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows an authenticated remote attacker to perform denial of service attacks. | 7.5 |
| 2024-04-19 | CVE-2024-23533 | Unspecified vulnerability in Ivanti Avalanche An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an authenticated remote attacker to read sensitive information in memory. | 6.5 |
| 2024-04-19 | CVE-2024-23534 | Unspecified vulnerability in Ivanti Avalanche An Unrestricted File-upload vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. | 8.8 |