Show filters
19 Total Results
Displaying 11-19 of 19
Sort by:
Attacker Value
Unknown
CVE-2024-11005
Disclosure Date: November 12, 2024 (last updated January 18, 2025)
Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution.
0
Attacker Value
Unknown
CVE-2024-11004
Disclosure Date: November 12, 2024 (last updated January 18, 2025)
Reflected XSS in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required.
0
Attacker Value
Unknown
CVE-2024-9420
Disclosure Date: November 12, 2024 (last updated January 18, 2025)
A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9
and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution
0
Attacker Value
Unknown
CVE-2024-8495
Disclosure Date: November 12, 2024 (last updated January 18, 2025)
A null pointer dereference in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote unauthenticated attacker to cause a denial of service.
0
Attacker Value
Unknown
CVE-2024-47909
Disclosure Date: November 12, 2024 (last updated November 19, 2024)
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.
0
Attacker Value
Unknown
CVE-2024-47907
Disclosure Date: November 12, 2024 (last updated November 19, 2024)
A stack-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service.
0
Attacker Value
Unknown
CVE-2024-47906
Disclosure Date: November 12, 2024 (last updated January 18, 2025)
Excessive binary privileges in Ivanti Connect Secure before version 22.7R2.3 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.2 (Not Applicable to 9.1Rx) allows a local authenticated attacker to escalate privileges.
0
Attacker Value
Unknown
CVE-2024-47905
Disclosure Date: November 12, 2024 (last updated November 19, 2024)
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.
0
Attacker Value
Unknown
CVE-2024-11007
Disclosure Date: November 12, 2024 (last updated November 22, 2024)
Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution.
0
