Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / ivanti

ivanti

496 tracked vulnerabilities.

CVE-2022-36972 CRITICAL

Ivanti Avalanche 6.3.2.3490-6.3.4 - SQL Injection via ProfileDaoImpl

CVE-2022-36971 HIGH

Ivanti Avalanche 6.3.2.3490-6.3.4 - Remote Code Execution via JwtTokenUtility Deserialization

CVE-2022-44574 HIGH

Ivanti Avalanche < 6.4.0 - Unauthenticated Property Modification via Specific Port

CVE-2022-35259 HIGH

Endpoint Manager <2022.3 - Code Injection

CVE-2022-35258 HIGH

Ivanti <9.1R14.3, <9.1R15.2, <9.1R16.2, <22.2R4 - DoS

CVE-2022-35254 HIGH

Ivanti Connect Secure < 9.1R14.3, 9.1R15.2, 9.1R16.2, 22.2R4 - Unauthenticated Denial of Service

CVE-2022-27773 CRITICAL

Ivanti Endpoint Manager < 2021.1 - Privilege Escalation via Incorrect Default Permissions

CVE-2022-21826 MEDIUM

Ivanti Connect Secure - HTTP Request Smuggling via POST Content-Length Mismanagement

CVE-2022-30121 MEDIUM

Ivanti Endpoint Manager < 2021.1.1 - Privilege Escalation via LANDesk Management Agent Service

CVE-2022-22572 HIGH

Incapptic Connect <1.40.1 - Privilege Escalation

CVE-2022-22571 MEDIUM

Ivanti Incapptic Connect < 1.40.3 - Authenticated Stored Cross-Site Scripting

CVE-2022-27088 HIGH

Ivanti DSM Remote <6.3.1.1862 - Privilege Escalation

CVE-2022-21828 HIGH

Ivanti Incapptic Connect 1.35.3-1.40.0 - Authenticated Remote Code Execution via Untrusted Data Deserialization

CVE-2022-21823 MEDIUM

Ivanti Workspace Control <2021.2 - Info Disclosure

CVE-2021-22962 CRITICAL

Ivanti Avalanche < 6.4.2 - Sensitive Data Leakage and Denial of Service

CVE-2021-44720 HIGH

Ivanti Pulse Connect Secure < 9.1R12 - Unauthenticated Privilege Escalation via Hard-coded Credentials in Targets.cgi

CVE-2021-30497 HIGH NUCLEI

Ivanti Avalanche (Premise) 6.3.2 - Path Traversal

CVE-2021-38560 MEDIUM

Ivanti Service Manager 2021.1 - XSS

CVE-2021-44529 CRITICAL KEVNUCLEI

Ivanti Endpoint Manager Cloud Services Appliance < 4.5 - Unauthenticated Remote Code Execution

CVE-2021-42133 HIGH

Ivanti Avalanche <6.3.3 - Privilege Escalation

CVE-2021-42132 HIGH

Ivanti Avalanche < 6.3.3 - Authenticated Command Injection via Inforail Service

CVE-2021-42131 HIGH

Ivanti Avalanche < 6.3.3 - SQL Injection via Inforail Service

CVE-2021-42130 HIGH

Ivanti Avalanche < 6.3.3 - Remote Code Execution via Deserialization of Untrusted Data

CVE-2021-42129 HIGH

Ivanti Avalanche < 6.3.3 - Authenticated Command Injection via Inforail Service

CVE-2021-42128 CRITICAL

Ivanti Avalanche < 6.3.3 - Privilege Escalation via Enterprise Server Service

Previous Page 16 of 20 Next

Products

connect_secure 130 avalanche 117 endpoint_manager 116 policy_secure 77 endpoint_manager_mobile 28 workspace_control 22 secure_access_client 20 zero_trust_access_gateway 17 neurons_for_secure_access 15 cloud_services_appliance 7 Endpoint Manager Mobile 6 desktop_\&_server_management 6 landesk_management_suite 6 neurons_for_itsm 6 endpoint_manager_cloud_services_appliance 5 neurons_for_zero-trust_access 5 Endpoint Manager 3 Secure Access Client 3 incapptic_connect 3 security_controls 3 Connect Secure 2 Neurons for ITSM (Cloud) 2 Neurons for ITSM (On-Premise) 2 application_control 2 automation 2 mobileiron 2 standalone_sentry 2 virtual_traffic_manager 2 LANDesk Management Suite 1 Policy Secure 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy