Category Archives: Advisories

Read Time:12 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2024-34782.

Advisories

ZDI-24-1498: Ivanti Endpoint Manager Report_Run SQL Injection Remote Code Execution Vulnerability

November 13, 2024

Read Time:12 Second

Advisories

ZDI-24-1497: Ivanti Endpoint Manager MP_QueryDetail SQL Injection Remote Code Execution Vulnerability

November 13, 2024

Read Time:12 Second

Advisories

ZDI-24-1496: Ivanti Endpoint Manager Report_Run2 SQL Injection Remote Code Execution Vulnerability

November 13, 2024

Read Time:12 Second

Advisories

ZDI-24-1495: Ivanti Endpoint Manager MP_QueryDetail2 SQL Injection Remote Code Execution Vulnerability

November 13, 2024

Read Time:12 Second

Advisories

ZDI-24-1494: Ivanti Endpoint Manager GetCountForQuery SQL Injection Remote Code Execution Vulnerability

November 13, 2024

Read Time:12 Second

Advisories

ZDI-24-1493: Ivanti Endpoint Manager MP_VistaReport SQL Injection Remote Code Execution Vulnerability

November 13, 2024

Read Time:12 Second

Advisories

ZDI-24-1492: Ivanti Avalanche WLAvalancheService TV_FP Infinite Loop Denial-of-Service Vulnerability

November 13, 2024

Read Time:13 Second

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-50321.

Advisories

ZDI-24-1491: Ivanti Avalanche WLAvalancheService TV_FC Infinite Loop Denial-of-Service Vulnerability

November 13, 2024

Read Time:13 Second

Advisories

SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)

November 13, 2024

Read Time:17 Second

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Nov 12

SEC Consult Vulnerability Lab Security Advisory < 20241112-0 >
=======================================================================
title: Multiple vulnerabilities
product: Siemens Energy Omnivise T3000
vulnerable version: >=8.2 SP3
fixed version: see solution section
CVE number: CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879
impact: High…

News, Advisories and much more

Exit mobile version

Cyber Security News

Category Archives: Advisories

ZDI-24-1499: Ivanti Endpoint Manager PatchHistory SQL Injection Remote Code Execution Vulnerability

ZDI-24-1498: Ivanti Endpoint Manager Report_Run SQL Injection Remote Code Execution Vulnerability

ZDI-24-1497: Ivanti Endpoint Manager MP_QueryDetail SQL Injection Remote Code Execution Vulnerability

ZDI-24-1496: Ivanti Endpoint Manager Report_Run2 SQL Injection Remote Code Execution Vulnerability

ZDI-24-1495: Ivanti Endpoint Manager MP_QueryDetail2 SQL Injection Remote Code Execution Vulnerability

ZDI-24-1494: Ivanti Endpoint Manager GetCountForQuery SQL Injection Remote Code Execution Vulnerability

ZDI-24-1493: Ivanti Endpoint Manager MP_VistaReport SQL Injection Remote Code Execution Vulnerability

ZDI-24-1492: Ivanti Avalanche WLAvalancheService TV_FP Infinite Loop Denial-of-Service Vulnerability

ZDI-24-1491: Ivanti Avalanche WLAvalancheService TV_FC Infinite Loop Denial-of-Service Vulnerability

SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)

News, Advisories and much more