7.8

CVSS3.1

CVE-2024-39709 -

Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1 (Not Applicable to 9.1Rx) allow a local authenticated attacker to escalate their privileges.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: July 16, 2025, 12:32 a.m.

9.1

CVSS3.1

CVE-2024-38656 -

Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: June 27, 2025, 6:42 p.m.

7.2

CVSS3.1

CVE-2024-32844 -

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: April 23, 2025, 9:25 p.m.

7.8

CVSS3.1

CVE-2024-34787 -

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: May 1, 2025, 6:01 p.m.

7.2

CVSS3.1

CVE-2024-32847 -

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: April 24, 2025, 3:07 p.m.

7.8

CVSS3.1

CVE-2024-37398 -

Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: March 13, 2025, 5:50 p.m.

7.2

CVSS3.1

CVE-2024-34782 -

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: May 1, 2025, 6:01 p.m.

7.2

CVSS3.1

CVE-2024-32841 -

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: April 23, 2025, 9:30 p.m.

9.1

CVSS3.0

CVE-2024-39710 -

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: July 11, 2025, 1:54 p.m.

7.2

CVSS3.1

CVE-2024-37376 -

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

๐Ÿ“… Published: Nov. 13, 2024, 1:54 a.m. ๐Ÿ”„ Last Modified: May 1, 2025, 6:01 p.m.
Total resulsts: 349182
Page 7906 of 34,919
ยซ previous page ยป next page
Filters