ivanti

496 tracked vulnerabilities.

CVE-2024-23531 HIGH
Ivanti Avalanche < 6.4.3 - Unauthenticated Integer Overflow in WLInfoRailService
Apr 19, 2024
CVSS 7.5
EPSS 0.04
CVE-2024-23530 HIGH
Ivanti Avalanche < 6.4.3.528 - Unauthenticated Out-of-bounds Read in WLAvalancheService
Apr 19, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-23529 HIGH
Ivanti Avalanche < 6.4.3.528 - Unauthenticated Out-of-bounds Read in WLAvalancheService
Apr 19, 2024
CVSS 7.5
EPSS 0.03
CVE-2024-23528 HIGH
Ivanti Avalanche < 6.4.3.528 - Unauthenticated Out-of-bounds Read in WLAvalancheService
Apr 19, 2024
CVSS 7.5
EPSS 0.03
CVE-2024-23526 HIGH
Ivanti Avalanche < 6.4.3.528 - Unauthenticated Out-of-bounds Read in WLAvalancheService
Apr 19, 2024
CVSS 7.5
EPSS 0.03
CVE-2024-22061 CRITICAL
Ivanti Avalanche <6.4.3 - Buffer Overflow
Apr 19, 2024
CVSS 9.8
EPSS 0.05
CVE-2024-21894 CRITICAL
Ivanti Connect Secure 9.x, 22.x - Unauthenticated Heap Overflow in IPSec Component
Apr 04, 2024
CVSS 9.8
EPSS 0.08
CVE-2024-22053 HIGH
Ivanti Connect/Ivanti Policy <9.x, 22.x - Buffer Overflow
Apr 04, 2024
CVSS 8.2
EPSS 0.07
CVE-2024-22052 HIGH
Ivanti Connect/Ivanti Policy <9.x, 22.x - DoS
Apr 04, 2024
CVSS 7.5
EPSS 0.04
CVE-2024-22023 MEDIUM
Ivanti Connect/Ivanti Policy <9.x,22.x - DoS
Apr 04, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-22024 HIGH NUCLEI
Ivanti Connect Secure - XXE
Feb 13, 2024
CVSS 8.3
EPSS 0.94
CVE-2024-21893 HIGH KEVNUCLEI
Ivanti SAML - Server Side Request Forgery (SSRF)
Jan 31, 2024
CVSS 8.2
EPSS 0.94
CVE-2024-21888 HIGH
Ivanti Connect Secure 9.x, 22.x and Policy Secure 9.x, 22.x - Privilege Escalation
Jan 31, 2024
CVSS 8.8
EPSS 0.61
CVE-2024-21887 CRITICAL KEVNUCLEI
Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection
Jan 12, 2024
CVSS 9.1
EPSS 0.94
CVE-2023-39339 MEDIUM
Ivanti Policy Secure < 22.6R1 - Authenticated Arbitrary File Read via Path Traversal
Jul 12, 2025
CVSS 4.9
EPSS 0.02
CVE-2023-39338 MEDIUM
Ivanti Sentry 9.0-9.19 - Authenticated Incorrect Permission Assignment for Critical Resource
Jul 12, 2025
CVSS 6.8
EPSS 0.05
CVE-2023-38036 CRITICAL
Ivanti Avalanche < 6.4.1 - Unauthenticated Buffer Overflow
Jul 12, 2025
CVSS 9.8
EPSS 0.03
CVE-2023-46810 HIGH
Ivanti Secure Access Client for Linux <22.7R1 - Privilege Escalation
May 31, 2024
CVSS 7.3
EPSS 0.00
CVE-2023-38551 HIGH
Ivanti Connect Secure 9.1R18.6-22.7R2 - Authenticated Cross-Site Scripting via CRLF Injection
May 31, 2024
CVSS 8.2
EPSS 0.01
CVE-2023-38042 HIGH
Ivanti Secure Access Client < 22.7 - Local Privilege Escalation
May 31, 2024
CVSS 7.8
EPSS 0.00
CVE-2023-46807 MEDIUM
Ivanti Endpoint Manager Mobile < 12.1.0.0 - Authenticated SQL Injection
May 22, 2024
CVSS 6.7
EPSS 0.01
CVE-2023-46806 MEDIUM
Ivanti Endpoint Manager Mobile < 12.1.0.0 - Authenticated SQL Injection
May 22, 2024
CVSS 6.7
EPSS 0.01
CVE-2023-34298 HIGH
Ivanti Pulse Secure Desktop Client < 9.1 - Local Privilege Escalation via SetupService Path Traversal
May 03, 2024
CVSS 7.8
EPSS 0.00
CVE-2023-46808 CRITICAL
Ivanti ITSM <2023.4 - Command Injection
Mar 31, 2024
CVSS 9.9
EPSS 0.13
CVE-2023-41724 HIGH
Ivanti Standalone Sentry < 9.19.0 - Unauthenticated Remote Code Execution
Mar 31, 2024
CVSS 8.8
EPSS 0.06
Products
connect_secure 130 avalanche 117 endpoint_manager 116 policy_secure 77 endpoint_manager_mobile 28 workspace_control 22 secure_access_client 20 zero_trust_access_gateway 17 neurons_for_secure_access 15 cloud_services_appliance 7 Endpoint Manager Mobile 6 desktop_\&_server_management 6 landesk_management_suite 6 neurons_for_itsm 6 endpoint_manager_cloud_services_appliance 5 neurons_for_zero-trust_access 5 Endpoint Manager 3 Secure Access Client 3 incapptic_connect 3 security_controls 3 Connect Secure 2 Neurons for ITSM (Cloud) 2 Neurons for ITSM (On-Premise) 2 application_control 2 automation 2 mobileiron 2 standalone_sentry 2 virtual_traffic_manager 2 LANDesk Management Suite 1 Policy Secure 1
Quick Filters
Critical CVEs With Exploits In CISA KEV