ivanti Latest Vulnerabilities
November 13
Remote Code Execution Vulnerability
CVE-2024-32839
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability Affects Ivanti Endpoint Manager
CVE-2024-32844
IvantiEpm7.2HIGH
Local Admin Can Cause DoS via Improper Bounds Checking
CVE-2024-38654
Ivanti
remote code execution vulnerability in Connect Secure
CVE-2024-39710
Ivanti
Remote Code Execution Vulnerability in Ivanti Endpoint Manager Pre-2024 November Security Updates
CVE-2024-34781
IvantiEpm7.2HIGH
Ivanti Connect Secure Denial of Service Vulnerability
CVE-2024-38649
Ivanti
Remote Code Execution Vulnerability in Ivanti Endpoint Manager
CVE-2024-34784
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti Endpoint Manager
CVE-2024-32847
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti Endpoint Manager
CVE-2024-34782
IvantiEpm7.2HIGH
Local Authenticated Attacker Can Escalate Privileges via Incorrect File Permissions
CVE-2024-39709
Ivanti
Ivanti Endpoint Manager vulnerable to SQL Injection
CVE-2024-32841
IvantiEpm7.2HIGH
Infinite Loop Denial of Service Vulnerability in Ivanti Connect Secure Before v22.7R2.3
CVE-2024-37400
Ivanti
Remote code execution vulnerability in Ivanti Connect Secure
CVE-2024-39712
Ivanti
UnAuthenticated Code Execution Vulnerability in Ivanti Endpoint Manager
CVE-2024-34787
IvantiEpm7.8HIGH
Remote Code Execution Vulnerability Affects Ivanti Connect Secure and Policy Secure
CVE-2024-38656
Ivanti
Remote Code Execution Vulnerability in Ivanti Endpoint Manager
CVE-2024-34780
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti Endpoint Manager
CVE-2024-37376
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti Connect Secure Before 22.7R2.1 and Ivanti Policy Secure Before 22.7R1.1
CVE-2024-38655
Ivanti
Attackers Can Modify Sensitive Configuration Files via Race Condition in Ivanti Secure Access Client
CVE-2024-29211
IvantiSecure Access Client4.7MEDIUM
Remote Code Execution Vulnerability in Ivanti Connect Secure
CVE-2024-39711
Ivanti
Vulnerability in Ivanti Secure Access Client Could Allow Privilege Escalation
CVE-2024-37398
IvantiSecure Access Client7.8HIGH
November 12
CVE-2024-50324
IvantiEndpoint Manager7.2HIGH
CVE-2024-47906
IvantiConnect Secure7.8HIGH
CVE-2024-50321
IvantiAvalanche7.5HIGH
CVE-2024-50317
IvantiAvalanche7.5HIGH
CVE-2024-50318
IvantiAvalanche7.5HIGH
CVE-2024-50319
IvantiAvalanche7.5HIGH
CVE-2024-50327
IvantiEndpoint Manager7.2HIGH
CVE-2024-50326
IvantiEndpoint Manager7.2HIGH
CVE-2024-47909
IvantiConnect Secure4.9MEDIUM
CVE-2024-50329
IvantiEndpoint Manager8.8HIGH
CVE-2024-50320
IvantiAvalanche7.5HIGH
CVE-2024-50323
IvantiEndpoint Manager7.8HIGH
CVE-2024-47905
IvantiConnect Secure4.9MEDIUM
CVE-2024-50322
IvantiEndpoint Manager7.8HIGH
Remote Code Execution Vulnerability in Ivanti Endpoint Manager
CVE-2024-50330
IvantiEndpoint Manager9.8CRITICAL
CVE-2024-50328
IvantiEndpoint Manager7.2HIGH
CVE-2024-47907
IvantiConnect Secure7.5HIGH
CVE-2024-11007
IvantiConnect Secure7.2HIGH
October 18
Remote Code Execution Vulnerability in Ivanti Connect Secure
CVE-2024-37404
Ivanti
Ivanti DSM 2024.2 vulnerability allows elevated privileges with code execution
CVE-2024-29821
Ivanti
Elevated Privileges via Insecure ACL
CVE-2024-29213
Ivanti
October 8
Unauthorized Information Leakage Through Path Traversal in Ivanti Avalanche Before v6.4.5
CVE-2024-47011
IvantiAvalanche7.5HIGH
Unauthenticated Path Traversal Vulnerability in Ivanti Avalanche before v6.4.5
CVE-2024-47010
IvantiAvalanche9.8CRITICAL
Remotely Exploitable Path Traversal Vulnerability in Ivanti Avalanche Before Version 6.4.5
CVE-2024-47009
IvantiAvalanche9.8CRITICAL
Ivanti Avalanche Server-side Request Forgery Vulnerability Allows Leak of Sensitive Information
CVE-2024-47008
IvantiAvalanche7.5HIGH
Remote Denial of Service Vulnerability in Ivanti Avalanche Before 6.4.5
CVE-2024-47007
IvantiAvalanche7.5HIGH
Local Privilege Escalation Vulnerability Found in Ivanti Velocity License Server Before Version 5.2
CVE-2024-9167
IvantiVelocity License Server7HIGH
Remote Access Bypass Vulnerability in Ivanti CSA Before v5.0.2
CVE-2024-9381
IvantiCsa (cloud Services Ap...7.2HIGH
Remote Code Execution Vulnerability in Ivanti CSA Admin Web Console
CVE-2024-9380
IvantiCsa (cloud Services Ap...👾7.2HIGH
Remote SQL Injection Vulnerability in Ivanti CSA Before Version 5.0.2
CVE-2024-9379
IvantiCsa (cloud Services Ap...👾7.2HIGH
Insecure Permissions in Ivanti EPMM Allow Unauthorized Access to Sensitive Configuration Files
CVE-2024-7612
IvantiEndpoint Manager Mobile8.8HIGH
September 19
Unrestricted Access: Path Traversal Vulnerability in Ivanti CSA
CVE-2024-8963
IvantiCsa (cloud Services Ap...👾9.1CRITICAL
September 12
Remote Code Execution Vulnerability in Ivanti EPM
CVE-2024-32840
IvantiEpm7.2HIGH
Ivanti EPM Vulnerable to Remote Code Execution via SQL Injection
CVE-2024-34783
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti EPM Agent Portal
CVE-2024-29847
IvantiEpm🔥😄👾9.8CRITICAL
Ivanti EPM vulnerable to SQL injection, allowing remote code execution
CVE-2024-34779
IvantiEpm7.2HIGH
Ivanti EPM XML Entity Vulnerability
CVE-2024-37397
IvantiEpm8.2HIGH
Ivanti EPM Remote Code Execution Vulnerability
CVE-2024-32848
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti EPM Before 2022 SU6 and 2024 September Update
CVE-2024-34785
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti EPM
CVE-2024-32843
IvantiEpm7.2HIGH
Ivanti EPM vulnerable to SQL injection, remote code execution
CVE-2024-32845
IvantiEpm7.2HIGH
Ivanti EPM vulnerable to SQL Injection
CVE-2024-32846
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti EPM
CVE-2024-32842
IvantiEpm7.2HIGH
September 10
Privilege Escalation Vulnerability in Ivanti Workspace Control
CVE-2024-44104
IvantiWorkspace Control7.8HIGH
Local Auth Bypass Could Lead to Privilege Escalation
CVE-2024-8012
IvantiWorkspace Control7.8HIGH
Local Attackers Can Easily Escalate Privileges and Execute Arbitrary Code in Ivanti Workspace Control
CVE-2024-44107
IvantiWorkspace Control7.8HIGH
Remote Code Execution Vulnerability in Ivanti Cloud Services Appliance
CVE-2024-8190
IvantiCsa (cloud Services Ap...😄👾7.2HIGH
Local Authenticated Attacker Can Escalate Privileges via Server-Side Controls in Ivanti Workspace Control
CVE-2024-44106
IvantiWorkspace Control7.8HIGH
Local Authenticated Attacker Can Access OS Credentials via Cleartext Transmission in Ivanti Workspace Control
CVE-2024-44105
IvantiWorkspace Control7.8HIGH
Remote Code Execution Vulnerability in Ivanti EPM Management Console
CVE-2024-8191
IvantiEndpoint Manager9.8CRITICAL
Unauthorized Network Isolation Vulnerability in Ivanti EPM Before 2022 SU6 and 2024 September Update
CVE-2024-8321
IvantiEndpoint Manager8.6HIGH
Attackers Can Elevate Privileges via DLL Hijacking in Ivanti Workspace Control
CVE-2024-44103
IvantiWorkspace Control7.8HIGH
Remote Access Vulnerability in Ivanti EPM Before 2022 SU6 or 2024 September Update
CVE-2024-8322
IvantiEndpoint Manager8.8HIGH
Remote Unauthorized Access to Network Isolation in Ivanti EPM Before 2022 SU6 or 2024 September Update
CVE-2024-8320
IvantiEndpoint Manager5.3MEDIUM
Uncontrolled Search Path Vuln in Ivanti EPM Affects Local Admin Privileges
CVE-2024-8441
IvantiEndpoint Manager6.7MEDIUM
August 14
Skin Management Components Vulnerable to Path Traversal Attacks
CVE-2024-38652
IvantiAvalanche9.1CRITICAL
Remote Code Execution Vulnerability in Ivanti Avalanche 6.3.1
CVE-2024-37373
IvantiAvalanche7.2HIGH
Remote Unauth DoS Vulnerability in Ivanti Avalanche 6.3.1
CVE-2024-37399
IvantiAvalanche7.5HIGH
Unauthorized Access to Arbitrary Files in Ivanti SmartDeviceServer 6.3.1
CVE-2024-38653
IvantiAvalanche7.5HIGH
Ivanti Avalanche Under Attack: Off-by-one Error Leads to DoS
CVE-2024-36136
IvantiAvalanche7.5HIGH
August 13
Unauthorized Access to Ivanti vTM Admin Panel via Incorrect Authentication Algorithm
CVE-2024-7593
IvantiVtm👾9.8CRITICAL
Attackers Can Impersonate Any User in Ivanti ITSM Due to Certificate Validation Flaw
CVE-2024-7570
IvantiItsm8.1HIGH
Unsafe ITSM Data Disclosure through Debug Information
CVE-2024-7569
IvantiItsm9.8CRITICAL
August 7
Unauthorized command execution vulnerability in EPMM web component
CVE-2024-36130
IvantiEpmm9.8CRITICAL
Insecure Deserialization Vulnerability Affects EPMM Web Component
CVE-2024-36131
IvantiEpmm8.8HIGH
Bypass Authentication and Access Sensitive Resources
CVE-2024-36132
IvantiEpmm7.5HIGH
Dirty Stream Vulnerability Affects Ivanti Docs@Work for Android
CVE-2024-37403
IvantiDocs@work5.5MEDIUM
Remote Access to Sensitive Information Due to Insufficient Authentication
CVE-2024-34788
IvantiEpmm6.5MEDIUM
July 29
Unauthorized Execution of Arbitrary Code via SQL Injection in Ivanti EPM 2024 Flat
CVE-2024-37381
IvantiEpm8.4HIGH
May 31
Local Privilege Escalation Vulnerability Affects Ivanti Secure Access Client for Windows
CVE-2023-38042
IvantiSecure Access Client7.8HIGH
SQL Injection Vulnerability in Ivanti Neurons for ITSM Could Lead to Data Theft and Downtime
CVE-2024-22059
IvantiItsm8.8HIGH
Local Privilege Escalation Vulnerability Affects Ivanti Secure Access Client for Linux
CVE-2023-46810
IvantiSecure Access Linux7.3HIGH
Unauthenticated SQL Injection Vulnerability Affects Ivanti EPM
CVE-2024-29823
IvantiEpm8.8HIGH
Unauthenticated SQL Injection Vulnerability Affects Ivanti EPM
CVE-2024-29827
IvantiEpm8.8HIGH
Unrestricted File Upload Vulnerability in Ivanti Neurons for ITSM Allows Remote Attackers to Write Arbitrary Files
CVE-2024-22060
IvantiItsm8.7HIGH
Unauthenticated SQL Injection Vulnerability Affects Ivanti EPM
CVE-2024-29822
IvantiEpm8.8HIGH
Unauthenticated SQL Injection Vulnerability Affects Ivanti EPM
CVE-2024-29826
IvantiEpm8.8HIGH
Arbitrary Code Execution Vulnerability in Core Server
CVE-2024-29828
IvantiEpm8HIGH
Arbitrary Code Execution Vulnerability in Core Server
CVE-2024-29829
IvantiEpm8HIGH