|
1131
|
7.2 |
HIGH
Network
|
ivanti
|
connect_secure
policy_secure
|
Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code…
Update
|
CWE-78
OS Command
|
CVE-2024-11007
|
2024-11-19 00:08 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1132
|
7.5 |
HIGH
Network
ivanti
|
avalanche
|
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
Update
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2024-50321
|
2024-11-19 00:06 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1133
|
7.5 |
HIGH
Network
ivanti
|
avalanche
|
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
Update
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2024-50320
|
2024-11-19 00:06 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1134
|
7.5 |
HIGH
Network
ivanti
|
avalanche
|
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
Update
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2024-50319
|
2024-11-19 00:06 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1135
|
7.5 |
HIGH
Network
ivanti
|
avalanche
|
A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50318
|
2024-11-19 00:06 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1136
|
7.5 |
HIGH
Network
ivanti
|
avalanche
|
A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service.
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50317
|
2024-11-19 00:06 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1137
|
4.3 |
MEDIUM
Network
|
kognetiks
|
kognetiks_chatbot
|
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.8. This is due to missing or incorrect nonce validation …
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-11143
|
2024-11-19 00:03 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1138
|
6.1 |
MEDIUM
Network
|
kognetiks
|
kognetiks_chatbot
|
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dir' parameter in all versions up to, and including, 2.1.7 due to insufficient input …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-10684
|
2024-11-19 00:03 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1139
|
4.3 |
MEDIUM
Network
|
kognetiks
|
kognetiks_chatbot
|
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_assistant() function in all versions up to,…
Update
|
CWE-862
Missing Authorization
|
CVE-2024-10531
|
2024-11-19 00:02 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1140
|
4.3 |
MEDIUM
Network
|
kognetiks
|
kognetiks_chatbot
|
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the add_new_assistant() function in all versions up to…
Update
|
CWE-862
Missing Authorization
|
CVE-2024-10530
|
2024-11-18 23:59 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
