Avalanche

avalanche

Vendor: Ivanti • 117 CVEs

CVEs (117)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-46259 1Ivanti 1Avalanche Nov 21, 2024 Dec 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46258 1Ivanti 1Avalanche Nov 21, 2024 Dec 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46257 1Ivanti 1Avalanche May 6, 2025 Dec 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46225 1Ivanti 1Avalanche Nov 21, 2024 Dec 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46224 1Ivanti 1Avalanche Nov 21, 2024 Dec 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46223 1Ivanti 1Avalanche Nov 21, 2024 Dec 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46222 1Ivanti 1Avalanche Nov 21, 2024 Dec 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46221 1Ivanti 1Avalanche Nov 21, 2024 Dec 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46220 1Ivanti 1Avalanche Nov 21, 2024 Dec 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46217 1Ivanti 1Avalanche Nov 21, 2024 Dec 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-46216 1Ivanti 1Avalanche Nov 21, 2024 Dec 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2023-41727 1Ivanti 1Avalanche May 6, 2025 Dec 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
CVE-2021-22962 1Ivanti 1Avalanche Nov 21, 2024 Dec 19, 2023 N/A· v4 9.1 CRITICAL· v3 N/A· v2 An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack.
CVE-2023-41726 1Ivanti 1Avalanche Nov 21, 2024 Nov 3, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability
CVE-2023-41725 1Ivanti 1Avalanche Nov 21, 2024 Nov 3, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability
CVE-2022-43555 1Ivanti 1Avalanche Nov 21, 2024 Nov 3, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation Vulnerability
CVE-2022-43554 1Ivanti 1Avalanche Nov 21, 2024 Nov 3, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation Vulnerability
CVE-2023-32565 1Ivanti 1Avalanche Nov 21, 2024 Aug 10, 2023 N/A· v4 9.1 CRITICAL· v3 N/A· v2 An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1.
CVE-2023-32564 1Ivanti 1Avalanche Nov 21, 2024 Aug 10, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution.
CVE-2023-32563 1Ivanti 1Avalanche Nov 21, 2024 Aug 10, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An unauthenticated attacker could achieve the code execution through a RemoteControl server.

Previous 1 2 345 6 Next