Page 3 of 264 results (0.004 seconds)

CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2024 flat allows an authenticated attacker within the same network to execute arbitrary code. • https://forums.ivanti.com/s/article/Security-Advisory-EPM-July-2024-for-EPM-2024 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

A local privilege escalation vulnerability in Ivanti Secure Access Client for Windows allows a low privileged user to execute code as SYSTEM. Una vulnerabilidad de escalada de privilegios local en Ivanti Secure Access Client para Windows permite a un usuario con pocos privilegios ejecutar código como SYSTEM. • https://forums.ivanti.com/s/article/Security-Advisory-May-2024?language=en_US • CWE-250: Execution with Unnecessary Privileges •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote authenticated user to read/modify/delete information in the underlying database. This may also lead to DoS. Una vulnerabilidad de inyección SQL en el componente web de Ivanti Neurons para ITSM permite a un usuario autenticado remoto leer/modificar/eliminar información en la base de datos subyacente. Esto también puede provocar DoS. • https://forums.ivanti.com/s/article/Security-Advisory-May-2024 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0

A local privilege escalation vulnerability in Ivanti Secure Access Client for Linux before 22.7R1, allows a low privileged user to execute code as root. Una vulnerabilidad de escalada de privilegios local en Ivanti Secure Access Client para Linux anterior a 22.7R1 permite a un usuario con pocos privilegios ejecutar código como root. • https://forums.ivanti.com/s/article/Security-Advisory-May-2024 •

CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0

An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a remote, authenticated, high privileged user to write arbitrary files into sensitive directories of ITSM server. Una vulnerabilidad de carga de archivos sin restricciones en el componente web de Ivanti Neurons para ITSM permite a un usuario remoto, autenticado y con altos privilegios escribir archivos arbitrarios en directorios confidenciales del servidor ITSM. • https://forums.ivanti.com/s/article/Security-Advisory-May-2024 • CWE-434: Unrestricted Upload of File with Dangerous Type •