ivanti

496 tracked vulnerabilities.

CVE-2020-8262 MEDIUM
Pulse Connect/Pulse Policy <9.1R9 - XSS,Open Redirect
Oct 28, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-8261 MEDIUM
Pulse Connect Secure/Pulse Policy Secure <9.1R9 - Command Injection
Oct 28, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-8260 HIGH KEV
Pulse Connect Secure <9.1R9 - Authenticated RCE
Oct 28, 2020
CVSS 7.2
EPSS 0.73
CVE-2020-15352 HIGH
Pulse Connect Secure < 9.1R9 and Pulse Policy Secure < 9.1R9 - Authenticated XML External Entity Injection
Oct 27, 2020
CVSS 7.2
EPSS 0.07
CVE-2020-8256 MEDIUM
Pulse Connect Secure <9.1R8.2 - XXE
Sep 30, 2020
CVSS 4.9
EPSS 0.04
CVE-2020-8243 HIGH KEV
Pulse Connect Secure <9.1R8.2 - Authenticated RCE
Sep 30, 2020
CVSS 7.2
EPSS 0.12
CVE-2020-8238 MEDIUM
Pulse Connect/Pulse Policy Secure <9.1R8.2 - XSS
Sep 30, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-13793 CRITICAL
Ivanti DSM netinst 5.1 - Use of Hard-coded Credentials
Aug 06, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-12441 CRITICAL
Ivanti Service Manager HEAT Remote Control 7.4 - DoS
Aug 06, 2020
CVSS 9.8
EPSS 0.07
CVE-2020-8222 MEDIUM
Pulse Connect Secure <9.1R8 - Path Traversal
Jul 30, 2020
CVSS 6.8
EPSS 0.01
CVE-2020-8221 MEDIUM
Pulse Connect Secure <9.1R8 - Path Traversal
Jul 30, 2020
CVSS 4.9
EPSS 0.02
CVE-2020-8220 MEDIUM
Pulse Connect Secure <9.1R8 - Command Injection
Jul 30, 2020
CVSS 6.5
EPSS 0.05
CVE-2020-8219 HIGH
Pulse Connect Secure <9.1R8 - Privilege Escalation
Jul 30, 2020
CVSS 7.2
EPSS 0.01
CVE-2020-8218 HIGH KEV
Pulse Connect Secure <9.1R8 - Code Injection
Jul 30, 2020
CVSS 7.2
EPSS 0.91
CVE-2020-8217 MEDIUM
Pulse Connect Secure <9.1R8 - Cross-Site Scripting via Citrix ICA URL
Jul 30, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-8216 MEDIUM
Pulse Connect Secure <9.1R8 - Info Disclosure
Jul 30, 2020
CVSS 4.3
EPSS 0.02
CVE-2020-8206 HIGH
Pulse Connect Secure <9.1RB - Auth Bypass
Jul 30, 2020
CVSS 8.1
EPSS 0.02
CVE-2020-8204 MEDIUM
Pulse Connect Secure <9.1R5 - Cross-Site Scripting on PSAL Page
Jul 30, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-12880 MEDIUM
Pulse Policy Secure/PCS Virtual Appliance <9.1R8 - RCE
Jul 27, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-12442 CRITICAL
Ivanti Avalanche 6.3 - SQL Injection
Apr 28, 2020
CVSS 9.8
EPSS 0.03
CVE-2020-11533 MEDIUM
Ivanti Workspace Control <10.4.30.0 - Info Disclosure
Apr 04, 2020
CVSS 5.5
EPSS 0.00
CVE-2019-19138 HIGH
Ivanti Workspace Control <10.4.50.0 - DoS
Dec 15, 2021
CVSS 7.5
EPSS 0.02
CVE-2019-17066 HIGH
Ivanti WorkSpace Control < 10.4.40.0 - Authenticated Privilege Escalation via Registry Hijacking
May 18, 2020
CVSS 7.8
EPSS 0.00
CVE-2019-16382 CRITICAL
Ivanti Workspace Control 10.3.110.0 - Auth Bypass
Mar 19, 2020
CVSS 9.8
EPSS 0.06
CVE-2019-19675 HIGH
Ivanti Workspace Control <10.3.180.0 - Privilege Escalation
Dec 17, 2019
CVSS 7.8
EPSS 0.00
Products
connect_secure 130 avalanche 117 endpoint_manager 116 policy_secure 77 endpoint_manager_mobile 28 workspace_control 22 secure_access_client 20 zero_trust_access_gateway 17 neurons_for_secure_access 15 cloud_services_appliance 7 Endpoint Manager Mobile 6 desktop_\&_server_management 6 landesk_management_suite 6 neurons_for_itsm 6 endpoint_manager_cloud_services_appliance 5 neurons_for_zero-trust_access 5 Endpoint Manager 3 Secure Access Client 3 incapptic_connect 3 security_controls 3 Connect Secure 2 Neurons for ITSM (Cloud) 2 Neurons for ITSM (On-Premise) 2 application_control 2 automation 2 mobileiron 2 standalone_sentry 2 virtual_traffic_manager 2 LANDesk Management Suite 1 Policy Secure 1
Quick Filters
Critical CVEs With Exploits In CISA KEV