7.2

CVSS3.1

CVE-2024-34781 -

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: May 1, 2025, 6:01 p.m.

7.5

CVSS3.0

CVE-2024-37400 -

An out of bounds read in Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to trigger an infinite loop, causing a denial of service.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: June 27, 2025, 6:46 p.m.

7.2

CVSS3.1

CVE-2024-32839 -

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: April 23, 2025, 9:29 p.m.

4.4

CVSS3.0

CVE-2024-38654 -

Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: June 27, 2025, 6:45 p.m.

7.5

CVSS3.1

CVE-2024-38649 -

An out-of-bounds write in IPsec of Ivanti Connect Secure before version 22.7R2.1(Not Applicable to 9.1Rx) allows a remote unauthenticated attacker to cause a denial of service.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: July 16, 2025, 12:27 a.m.

9.1

CVSS3.0

CVE-2024-39711 -

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: July 11, 2025, 1:53 p.m.

7.8

CVSS3.1

CVE-2024-39709 -

Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1 (Not Applicable to 9.1Rx) allow a local authenticated attacker to escalate their privileges.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: July 16, 2025, 12:32 a.m.

9.1

CVSS3.1

CVE-2024-38656 -

Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: June 27, 2025, 6:42 p.m.

7.2

CVSS3.1

CVE-2024-32844 -

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: April 23, 2025, 9:25 p.m.

7.8

CVSS3.1

CVE-2024-34787 -

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: May 1, 2025, 6:01 p.m.
Total resulsts: 343887
Page 7376 of 34,389
ยซ previous page ยป next page
Filters