ivanti Latest Vulnerabilities
December 12
Heap-Based Buffer Overflow in Ivanti Connect Secure Allows Remote Denial of Service
CVE-2024-37377
IvantiConnect Secure7.5HIGH
Remote Unauth. Denial of Service via IPsec OOBR Vulnerability
CVE-2024-37401
IvantiConnect Secure7.5HIGH
December 11
CVE-2024-9845
IvantiAutomation7.8HIGH
CVE-2024-8496
IvantiWorkspace Control7.8HIGH
Local Privilege Escalation Vulnerability in Ivanti Application Control
CVE-2024-11598
IvantiApplication Control7.8HIGH
Insecure Permissions in Ivanti Performance Manager Could Lead to Local Privilege Escalation
CVE-2024-11597
IvantiPerformance Manager7.8HIGH
Insecure Permissions Lead to Local Privilege Escalation
CVE-2024-10251
IvantiSecurity Controls7.8HIGH
December 10
CVE-2024-8540
IvantiSentry8.8HIGH
Advanced SQL Injection Vulnerability in Ivanti CSA
CVE-2024-11773
IvantiCloud Services Applica...9.1CRITICAL
Remote Code Execution Vulnerability in Ivanti CSABefore Version 5.0.3
CVE-2024-11772
IvantiCloud Services Applica...9.1CRITICAL
Admin Web Console Vulnerability Allows Remote Administrative Access
CVE-2024-11639
IvantiCloud Services Applica...10CRITICAL
Remote Code Execution Vulnerability Affects Ivanti Connect Secure
CVE-2024-11634
IvantiConnect Secure9.1CRITICAL
Remote Code Execution Vulnerability in Ivanti Connect Secure Prior to 22.7R2.4
CVE-2024-11633
IvantiConnect Secure9.1CRITICAL
Local Authenticated Attacker Can Delete Arbitrary Files in Ivanti Patch SDK Before v9.7.703
CVE-2024-10256
IvantiPatch Sdk7.1HIGH
November 13
Remote Code Execution Vulnerability in Ivanti Endpoint Manager
CVE-2024-34780
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti Endpoint Manager
CVE-2024-32847
IvantiEpm7.2HIGH
Remote code execution vulnerability in Ivanti Connect Secure
CVE-2024-39712
Ivanti
Remote Code Execution Vulnerability Affects Ivanti Endpoint Manager
CVE-2024-32844
IvantiEpm7.2HIGH
Vulnerability in Ivanti Secure Access Client Could Allow Privilege Escalation
CVE-2024-37398
IvantiSecure Access Client7.8HIGH
Remote Code Execution Vulnerability in Ivanti Endpoint Manager
CVE-2024-37376
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti Endpoint Manager
CVE-2024-34784
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti Connect Secure Before 22.7R2.1 and Ivanti Policy Secure Before 22.7R1.1
CVE-2024-38655
Ivanti
Local Authenticated Attacker Can Escalate Privileges via Incorrect File Permissions
CVE-2024-39709
Ivanti
remote code execution vulnerability in Connect Secure
CVE-2024-39710
Ivanti
Remote Code Execution Vulnerability
CVE-2024-32839
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti Endpoint Manager Pre-2024 November Security Updates
CVE-2024-34781
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability Affects Ivanti Connect Secure and Policy Secure
CVE-2024-38656
Ivanti
Local Admin Can Cause DoS via Improper Bounds Checking
CVE-2024-38654
Ivanti
Attackers Can Modify Sensitive Configuration Files via Race Condition in Ivanti Secure Access Client
CVE-2024-29211
IvantiSecure Access Client4.7MEDIUM
Ivanti Connect Secure Denial of Service Vulnerability
CVE-2024-38649
Ivanti
UnAuthenticated Code Execution Vulnerability in Ivanti Endpoint Manager
CVE-2024-34787
IvantiEpm7.8HIGH
Infinite Loop Denial of Service Vulnerability in Ivanti Connect Secure Before v22.7R2.3
CVE-2024-37400
Ivanti
Remote Code Execution Vulnerability in Ivanti Connect Secure
CVE-2024-39711
Ivanti
Ivanti Endpoint Manager vulnerable to SQL Injection
CVE-2024-32841
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti Endpoint Manager
CVE-2024-34782
IvantiEpm7.2HIGH
November 12
CVE-2024-11006
IvantiConnect Secure9.1CRITICAL
CVE-2024-11005
IvantiConnect Secure9.1CRITICAL
CVE-2024-11004
IvantiConnect Secure6.1MEDIUM
CVE-2024-47906
IvantiConnect Secure7.8HIGH
CVE-2024-50323
IvantiEndpoint Manager7.8HIGH
CVE-2024-50329
IvantiEndpoint Manager8.8HIGH
CVE-2024-50319
IvantiAvalanche7.5HIGH
Remote Code Execution Vulnerability in Ivanti Endpoint Manager
CVE-2024-50330
IvantiEndpoint Manager9.8CRITICAL
CVE-2024-50321
IvantiAvalanche7.5HIGH
CVE-2024-50324
IvantiEndpoint Manager7.2HIGH
CVE-2024-50328
IvantiEndpoint Manager7.2HIGH
CVE-2024-50322
IvantiEndpoint Manager7.8HIGH
CVE-2024-47905
IvantiConnect Secure4.9MEDIUM
CVE-2024-47909
IvantiConnect Secure4.9MEDIUM
CVE-2024-50327
IvantiEndpoint Manager7.2HIGH
CVE-2024-11007
IvantiConnect Secure7.2HIGH
CVE-2024-50326
IvantiEndpoint Manager7.2HIGH
CVE-2024-50317
IvantiAvalanche7.5HIGH
CVE-2024-50331
IvantiAvalanche7.5HIGH
CVE-2024-50318
IvantiAvalanche7.5HIGH
CVE-2024-50320
IvantiAvalanche7.5HIGH
CVE-2024-47907
IvantiConnect Secure7.5HIGH
October 18
Ivanti DSM 2024.2 vulnerability allows elevated privileges with code execution
CVE-2024-29821
Ivanti
Elevated Privileges via Insecure ACL
CVE-2024-29213
Ivanti
Remote Code Execution Vulnerability in Ivanti Connect Secure
CVE-2024-37404
Ivanti
October 8
Unauthorized Information Leakage Through Path Traversal in Ivanti Avalanche Before v6.4.5
CVE-2024-47011
IvantiAvalanche7.5HIGH
Unauthenticated Path Traversal Vulnerability in Ivanti Avalanche before v6.4.5
CVE-2024-47010
IvantiAvalanche9.8CRITICAL
Remotely Exploitable Path Traversal Vulnerability in Ivanti Avalanche Before Version 6.4.5
CVE-2024-47009
IvantiAvalanche9.8CRITICAL
Ivanti Avalanche Server-side Request Forgery Vulnerability Allows Leak of Sensitive Information
CVE-2024-47008
IvantiAvalanche7.5HIGH
Remote Denial of Service Vulnerability in Ivanti Avalanche Before 6.4.5
CVE-2024-47007
IvantiAvalanche7.5HIGH
Local Privilege Escalation Vulnerability Found in Ivanti Velocity License Server Before Version 5.2
CVE-2024-9167
IvantiVelocity License Server7HIGH
Remote Access Bypass Vulnerability in Ivanti CSA Before v5.0.2
CVE-2024-9381
IvantiCsa (cloud Services Ap...7.2HIGH
Remote Code Execution Vulnerability in Ivanti CSA Admin Web Console
CVE-2024-9380
IvantiCsa (cloud Services Ap...👾7.2HIGH
Remote SQL Injection Vulnerability in Ivanti CSA Before Version 5.0.2
CVE-2024-9379
IvantiCsa (cloud Services Ap...👾7.2HIGH
Insecure Permissions in Ivanti EPMM Allow Unauthorized Access to Sensitive Configuration Files
CVE-2024-7612
IvantiEndpoint Manager Mobile7.8HIGH
September 19
Unrestricted Access: Path Traversal Vulnerability in Ivanti CSA
CVE-2024-8963
IvantiCsa (cloud Services Ap...👾9.1CRITICAL
September 12
Remote Code Execution Vulnerability in Ivanti EPM
CVE-2024-32840
IvantiEpm7.2HIGH
Ivanti EPM Vulnerable to Remote Code Execution via SQL Injection
CVE-2024-34783
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti EPM Agent Portal
CVE-2024-29847
IvantiEpm🔥😄👾9.8CRITICAL
Ivanti EPM vulnerable to SQL injection, allowing remote code execution
CVE-2024-34779
IvantiEpm7.2HIGH
Ivanti EPM XML Entity Vulnerability
CVE-2024-37397
IvantiEpm8.2HIGH
Ivanti EPM Remote Code Execution Vulnerability
CVE-2024-32848
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti EPM Before 2022 SU6 and 2024 September Update
CVE-2024-34785
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti EPM
CVE-2024-32843
IvantiEpm7.2HIGH
Ivanti EPM vulnerable to SQL Injection
CVE-2024-32846
IvantiEpm7.2HIGH
Ivanti EPM vulnerable to SQL injection, remote code execution
CVE-2024-32845
IvantiEpm7.2HIGH
Remote Code Execution Vulnerability in Ivanti EPM
CVE-2024-32842
IvantiEpm7.2HIGH
September 10
Attackers Can Elevate Privileges via DLL Hijacking in Ivanti Workspace Control
CVE-2024-44103
IvantiWorkspace Control7.8HIGH
Privilege Escalation Vulnerability in Ivanti Workspace Control
CVE-2024-44104
IvantiWorkspace Control7.8HIGH
Local Attackers Can Easily Escalate Privileges and Execute Arbitrary Code in Ivanti Workspace Control
CVE-2024-44107
IvantiWorkspace Control7.8HIGH
Remote Code Execution Vulnerability in Ivanti EPM Management Console
CVE-2024-8191
IvantiEndpoint Manager9.8CRITICAL
Local Authenticated Attacker Can Access OS Credentials via Cleartext Transmission in Ivanti Workspace Control
CVE-2024-44105
IvantiWorkspace Control7.8HIGH
Remote Code Execution Vulnerability in Ivanti Cloud Services Appliance
CVE-2024-8190
IvantiCsa (cloud Services Ap...😄👾7.2HIGH
Local Auth Bypass Could Lead to Privilege Escalation
CVE-2024-8012
IvantiWorkspace Control7.8HIGH
Remote Unauthorized Access to Network Isolation in Ivanti EPM Before 2022 SU6 or 2024 September Update
CVE-2024-8320
IvantiEndpoint Manager5.3MEDIUM
Local Authenticated Attacker Can Escalate Privileges via Server-Side Controls in Ivanti Workspace Control
CVE-2024-44106
IvantiWorkspace Control7.8HIGH
Uncontrolled Search Path Vuln in Ivanti EPM Affects Local Admin Privileges
CVE-2024-8441
IvantiEndpoint Manager6.7MEDIUM
Remote Access Vulnerability in Ivanti EPM Before 2022 SU6 or 2024 September Update
CVE-2024-8322
IvantiEndpoint Manager8.8HIGH
Unauthorized Network Isolation Vulnerability in Ivanti EPM Before 2022 SU6 and 2024 September Update
CVE-2024-8321
IvantiEndpoint Manager8.6HIGH
August 14
Skin Management Components Vulnerable to Path Traversal Attacks
CVE-2024-38652
IvantiAvalanche9.1CRITICAL
Remote Code Execution Vulnerability in Ivanti Avalanche 6.3.1
CVE-2024-37373
IvantiAvalanche7.2HIGH
Remote Unauth DoS Vulnerability in Ivanti Avalanche 6.3.1
CVE-2024-37399
IvantiAvalanche7.5HIGH
Unauthorized Access to Arbitrary Files in Ivanti SmartDeviceServer 6.3.1
CVE-2024-38653
IvantiAvalanche7.5HIGH
Ivanti Avalanche Under Attack: Off-by-one Error Leads to DoS
CVE-2024-36136
IvantiAvalanche7.5HIGH
August 13
Unauthorized Access to Ivanti vTM Admin Panel via Incorrect Authentication Algorithm
CVE-2024-7593
IvantiVtm👾9.8CRITICAL