Vulnerabilities > Ivanti > Avalanche > 6.4.1.236

DATE CVE VULNERABILITY TITLE RISK
2023-12-19 CVE-2023-46257 Out-of-bounds Write vulnerability in Ivanti Avalanche
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
network
low complexity
ivanti CWE-787
critical
 9.8
9.8
2023-12-19 CVE-2023-46258 Out-of-bounds Write vulnerability in Ivanti Avalanche
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
network
low complexity
ivanti CWE-787
critical
 9.8
9.8
2023-12-19 CVE-2023-46259 Out-of-bounds Write vulnerability in Ivanti Avalanche
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
network
low complexity
ivanti CWE-787
critical
 9.8
9.8
2023-12-19 CVE-2023-46260 Out-of-bounds Write vulnerability in Ivanti Avalanche
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
network
low complexity
ivanti CWE-787
critical
 9.8
9.8
2023-12-19 CVE-2023-46261 Out-of-bounds Write vulnerability in Ivanti Avalanche
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
network
low complexity
ivanti CWE-787
critical
 9.8
9.8
2023-12-19 CVE-2023-46263 Unrestricted Upload of File with Dangerous Type vulnerability in Ivanti Avalanche
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remote code execution.
network
low complexity
ivanti CWE-434
critical
 9.8
9.8
2023-12-19 CVE-2023-46264 Unrestricted Upload of File with Dangerous Type vulnerability in Ivanti Avalanche
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution.
network
low complexity
ivanti CWE-434
critical
 9.8
9.8
2023-12-19 CVE-2023-46803 Out-of-bounds Write vulnerability in Ivanti Avalanche
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS).
network
low complexity
ivanti CWE-787
7.5
7.5
2023-12-19 CVE-2023-46804 Out-of-bounds Write vulnerability in Ivanti Avalanche
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS).
network
low complexity
ivanti CWE-787
7.5
7.5