Ivanti Connect Secure
Approved changes feed: RSS · Atom
cpe:2.3:a:ivanti:connect_secure:-:*:*:*:*:*:*:*
part: a version: - update: *
| Vendor | Ivanti (40b984ad-e54c-5e1b-9aa1-2a4cd4d61129) |
|---|---|
| Product | Connect Secure (61f5b622-21c4-5d14-b120-bd5f32132cfb) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-9420 |
vulnerable | 2026-06-03 14:58:21.217676 |
Details available
A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9
and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution
Published: 2024-11-12T15:57:24.947Z
Updated: 2025-03-13T15:31:10.970Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-39709 |
vulnerable | 2026-06-03 14:56:22.259571 |
Details available
HIGH (7.8)
Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1 (Not Applicable to 9.1Rx) allow a local authenticated attacker to escalate their privileges.
Published: 2024-11-13T01:54:45.448Z
Updated: 2024-11-23T21:06:04.916Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-38656 |
vulnerable | 2026-06-03 14:56:19.239586 |
Details available
CRITICAL (9.1)
Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
Published: 2024-11-13T01:54:45.445Z
Updated: 2024-12-01T18:25:55.799Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-38649 |
vulnerable | 2026-06-03 14:56:19.204083 |
Details available
HIGH (7.5)
An out-of-bounds write in IPsec of Ivanti Connect Secure before version 22.7R2.1(Not Applicable to 9.1Rx) allows a remote unauthenticated attacker to cause a denial of service.
Published: 2024-11-13T01:54:45.457Z
Updated: 2024-11-23T21:06:04.739Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-37400 |
vulnerable | 2026-06-03 14:56:06.490377 |
Details available
HIGH (7.5)
An out of bounds read in Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to trigger an infinite loop, causing a denial of service.
Published: 2024-11-13T01:54:45.506Z
Updated: 2024-11-13T16:57:19.557Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11005 |
vulnerable | 2026-06-03 14:54:13.140514 |
Details available
CRITICAL (9.1)
Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution.
Published: 2024-11-12T16:07:45.350Z
Updated: 2024-11-22T16:33:10.013Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11004 |
vulnerable | 2026-06-03 14:54:13.139551 |
Details available
MEDIUM (6.1)
Reflected XSS in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required.
Published: 2024-11-12T16:09:19.437Z
Updated: 2025-04-04T14:34:21.002Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-11478 |
vulnerable | 2026-06-03 14:39:33.055796 |
SACK can cause extensive memory use via fragmented resend queue
MEDIUM (5.3)
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.
Published: 2019-06-18T23:34:51.077Z
Updated: 2024-09-16T23:45:54.779Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-11477 |
vulnerable | 2026-06-03 14:39:33.051694 |
Integer overflow in TCP_SKB_CB(skb)->tcp_gso_segs
HIGH (7.5)
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.
Published: 2019-06-18T23:34:51.026Z
Updated: 2024-09-17T02:21:15.995Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.