ivanti

496 tracked vulnerabilities.

CVE-2025-10986 MEDIUM
Ivanti EPMM <12.6.0.2-12.4.0.4 - Path Traversal
Oct 14, 2025
CVSS 4.7
EPSS 0.01
CVE-2025-10985 HIGH
Ivanti EPMM <12.6.0.2-12.4.0.4 - Command Injection
Oct 14, 2025
CVSS 7.2
EPSS 0.09
CVE-2025-10243 HIGH
Ivanti Endpoint Manager Mobile < 12.4.0.4 - Authenticated Remote Code Execution via Admin Panel
Oct 14, 2025
CVSS 7.2
EPSS 0.09
CVE-2025-10242 HIGH
Ivanti Endpoint Manager Mobile < 12.4.0.4 - Authenticated Remote Code Execution via Admin Panel
Oct 14, 2025
CVSS 7.2
EPSS 0.09
CVE-2025-62392 MEDIUM
Ivanti Endpoint Manager < 2024 SU5 - Authenticated SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62391 MEDIUM
Ivanti Endpoint Manager < 2024 SU5 - Authenticated SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62390 MEDIUM
Ivanti Endpoint Manager < 2024 SU5 - Authenticated SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62389 MEDIUM
Ivanti Endpoint Manager < 2024 SU5 - Authenticated SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62388 MEDIUM
Ivanti Endpoint Manager < 2024 SU5 - Authenticated SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62387 MEDIUM
Ivanti Endpoint Manager < 2024 SU5 - Authenticated SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62386 MEDIUM
Ivanti Endpoint Manager < 2024 SU5 - Authenticated SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62385 MEDIUM
Ivanti Endpoint Manager < 2024 SU5 - Authenticated SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62384 MEDIUM
Ivanti Endpoint Manager < 2024 SU5 - Authenticated SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62383 MEDIUM
Ivanti Endpoint Manager < 2024 SU5 - Authenticated SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-11623 MEDIUM
Ivanti Endpoint Manager < 2024 SU5 - Authenticated SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-9713 HIGH
Ivanti Endpoint Manager <2024 SU4 - Path Traversal
Oct 13, 2025
CVSS 8.8
EPSS 0.03
CVE-2025-11622 HIGH
Ivanti Endpoint Manager < 2024 SU4 - Authenticated Privilege Escalation via Insecure Deserialization
Oct 13, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-9872 HIGH
Ivanti Endpoint Manager < 2024 SU3 SR1 & < 2022 SU8 SR2 - Unauthenticated RCE via Filename Validation
Sep 09, 2025
CVSS 8.8
EPSS 0.03
CVE-2025-9712 HIGH
Ivanti Endpoint Manager <2024 SU3 SR1, 2022 SU8 SR2 - RCE
Sep 09, 2025
CVSS 8.8
EPSS 0.03
CVE-2025-8712 MEDIUM
Ivanti Neurons for Secure Access < 22.8 - Authenticated Missing Authorization
Sep 09, 2025
CVSS 5.4
EPSS 0.01
CVE-2025-8711 MEDIUM
Ivanti Connect Secure < 22.7 - Cross-Site Request Forgery
Sep 09, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-55148 HIGH
Ivanti Connect Secure < 22.7 - Authenticated Missing Authorization
Sep 09, 2025
CVSS 7.6
EPSS 0.02
CVE-2025-55147 HIGH
Ivanti Connect Secure <22.7R2.9,22.8R2 - CSRF
Sep 09, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-55146 MEDIUM
Ivanti Connect Secure <22.7R2.9,22.8R2 - DoS
Sep 09, 2025
CVSS 4.9
EPSS 0.01
CVE-2025-55145 HIGH
Ivanti Connect Secure <22.7R2.9,22.8R2 - Auth Bypass
Sep 09, 2025
CVSS 8.9
EPSS 0.00
Products
connect_secure 130 avalanche 117 endpoint_manager 116 policy_secure 77 endpoint_manager_mobile 28 workspace_control 22 secure_access_client 20 zero_trust_access_gateway 17 neurons_for_secure_access 15 cloud_services_appliance 7 Endpoint Manager Mobile 6 desktop_\&_server_management 6 landesk_management_suite 6 neurons_for_itsm 6 endpoint_manager_cloud_services_appliance 5 neurons_for_zero-trust_access 5 Endpoint Manager 3 Secure Access Client 3 incapptic_connect 3 security_controls 3 Connect Secure 2 Neurons for ITSM (Cloud) 2 Neurons for ITSM (On-Premise) 2 application_control 2 automation 2 mobileiron 2 standalone_sentry 2 virtual_traffic_manager 2 LANDesk Management Suite 1 Policy Secure 1
Quick Filters
Critical CVEs With Exploits In CISA KEV