Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / ivanti

ivanti

496 tracked vulnerabilities.

CVE-2023-32567 CRITICAL

Ivanti Avalanche < 6.4.1 - XML External Entity Injection in decodeToMap

CVE-2023-32566 CRITICAL

Ivanti Avalanche < 6.4.1 - Sensitive Data Leakage and Denial of Service

CVE-2023-35081 HIGH KEV

Ivanti EPMM 11.8.0-11.8.1.1, 11.9.0-11.9.1.1, 11.10.0-11.10.0.2 - Authenticated Arbitrary File Write via Path Traversal

CVE-2023-35078 CRITICAL KEVNUCLEI

Ivanti Endpoint Manager Mobile < 11.8.1.1 - Unauthenticated Authentication Bypass

CVE-2023-35077 HIGH

Ivanti Endpoint Manager < 7.9.1.285 - Out-of-bounds Write

CVE-2023-28324 CRITICAL

Ivanti Endpoint Manager < 2022 - Privilege Escalation or Remote Code Execution

CVE-2023-28323 CRITICAL

Ivanti Endpoint Manager < 2022 Su3 - Unauthenticated Deserialization of Untrusted Data

CVE-2023-28128 HIGH

Ivanti Avalanche < 6.3.4.153 - Unrestricted Upload of File with Dangerous Type

CVE-2023-28127 HIGH

Ivanti Avalanche < 6.3.4.153 - Path Traversal and Information Disclosure via getLogFile

CVE-2023-28126 MEDIUM

Ivanti Avalanche < 6.3.4.153 - Authentication Bypass via SetUser Method or Race Condition

CVE-2023-28125 MEDIUM

Ivanti Avalanche < 6.3.4.153 - Authentication Bypass via Message Registration

CVE-2022-44569 HIGH

Ivanti Automation < 2023.4 - Authenticated Authentication Bypass via Insecure IPC

CVE-2022-43555 HIGH

Ivanti Avalanche Printer Device Service - Privilege Escalation

CVE-2022-43554 HIGH

Ivanti Avalanche Smart Device Service - Privilege Escalation

CVE-2022-36983 CRITICAL

Ivanti Avalanche 6.3.3.101-6.3.4 - Unauthenticated Authentication Bypass via SetSettings Class

CVE-2022-36982 HIGH

Ivanti Avalanche 6.3.3.101-6.3.3.102 - Unauthenticated Path Traversal in AgentTaskHandler

CVE-2022-36981 CRITICAL

Ivanti Avalanche 6.3.3.101-6.3.4 - Remote Code Execution via Path Traversal in DeviceLogResource

CVE-2022-36980 HIGH

Ivanti Avalanche 6.3.2.3490-6.3.4 - Authentication Bypass via Race Condition in EnterpriseServer Service

CVE-2022-36979 CRITICAL

Ivanti Avalanche 6.3.2.3490-<6.3.4 - Authenticated SQL Injection via AvalancheDaoSupport Class

CVE-2022-36978 CRITICAL

Ivanti Avalanche 6.3.2.3490-6.3.4 - Remote Code Execution via Untrusted Data Deserialization

CVE-2022-36977 CRITICAL

Ivanti Avalanche 6.3.2.3490-<6.3.4 - Remote Code Execution via Certificate Management Server Deserialization

CVE-2022-36976 CRITICAL

Ivanti Avalanche 6.3.2.3490-6.3.4 - SQL Injection via GroupDaoImpl

CVE-2022-36975 CRITICAL

Ivanti Avalanche 6.3.2.3490-<6.3.4 - Authentication Bypass via SQL Injection in ProfileDaoImpl

CVE-2022-36974 CRITICAL

Ivanti Avalanche 6.3.2.3490-6.3.4 - Remote Code Execution via Untrusted Data Deserialization

CVE-2022-36973 HIGH

Ivanti Avalanche 6.3.2.3490-6.3.4 - Authenticated SQL Injection via ProfileDaoImpl

Previous Page 15 of 20 Next

Products

connect_secure 130 avalanche 117 endpoint_manager 116 policy_secure 77 endpoint_manager_mobile 28 workspace_control 22 secure_access_client 20 zero_trust_access_gateway 17 neurons_for_secure_access 15 cloud_services_appliance 7 Endpoint Manager Mobile 6 desktop_\&_server_management 6 landesk_management_suite 6 neurons_for_itsm 6 endpoint_manager_cloud_services_appliance 5 neurons_for_zero-trust_access 5 Endpoint Manager 3 Secure Access Client 3 incapptic_connect 3 security_controls 3 Connect Secure 2 Neurons for ITSM (Cloud) 2 Neurons for ITSM (On-Premise) 2 application_control 2 automation 2 mobileiron 2 standalone_sentry 2 virtual_traffic_manager 2 LANDesk Management Suite 1 Policy Secure 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy