Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / ivanti

ivanti

496 tracked vulnerabilities.

CVE-2025-22455 HIGH

Ivanti Workspace Control <10.19.0.0 - Privilege Escalation

CVE-2025-4428 HIGH KEV

Ivanti EPMM Authentication Bypass for Expression Language Remote Code Execution

CVE-2025-4427 MEDIUM KEVNUCLEI

Ivanti Endpoint Manager Mobile <= 12.5.0.0 - Unauthenticated Authentication Bypass via API

CVE-2025-22462 CRITICAL

Ivanti Neurons for ITSM < 2023.4, 2024.2, 2024.3 - Unauthenticated Authentication Bypass

CVE-2025-22460 HIGH

Ivanti Cloud Services App <5.0.5 - Privilege Escalation

CVE-2025-43716 MEDIUM

Ivanti LANDesk Management Gateway <4.2-1.9 - Path Traversal

CVE-2025-22466 HIGH

Ivanti Endpoint Manager < 2024 SU1 and < 2022 SU7 - Unauthenticated Reflected Cross-Site Scripting

CVE-2025-22465 MEDIUM

Ivanti Endpoint Manager < 2024 SU1 and < 2022 SU7 - Unauthenticated Reflected Cross-Site Scripting

CVE-2025-22464 MEDIUM

Ivanti Endpoint Manager <2024 SU1, <2022 SU7 - Memory Corruption

CVE-2025-22461 HIGH

Ivanti Endpoint Manager < 2024 SU1 and < 2022 SU7 - Authenticated SQL Injection

CVE-2025-22459 MEDIUM

Ivanti Endpoint Manager <2024 SU1, <2022 SU7 - Info Disclosure

CVE-2025-22458 HIGH

Ivanti Endpoint Manager < 2024 SU1 and < 2022 SU7 - Authenticated DLL Hijacking

CVE-2025-22457 CRITICAL KEVNUCLEI

Ivanti Connect Secure Unauthenticated Remote Code Execution via Stack-based Buffer Overflow

CVE-2025-22454 HIGH

Ivanti Secure Access Client < 22.7R4 - Authenticated Privilege Escalation via Insufficiently Restrictive Permissions

CVE-2025-22467 CRITICAL

Ivanti Connect Secure < 22.7R2.6 - Authenticated Remote Code Execution via Stack-based Buffer Overflow

CVE-2025-0283 HIGH

Ivanti Connect Secure <22.7R2.5 - Privilege Escalation

CVE-2025-0282 CRITICAL KEVNUCLEI

Ivanti Connect Secure <22.7R2.5 - RCE

CVE-2024-38648 MEDIUM

Ivanti DSM <2024.2 - Info Disclosure

CVE-2024-38657 MEDIUM

Ivanti Connect/Ivanti Policy <22.7R2.4/<22.7R1.3 - Path Traversal

CVE-2024-47908 CRITICAL

Ivanti Cloud Services Appliance < 5.0.5 - Authenticated Remote Code Execution via Admin Web Console

CVE-2024-13843 MEDIUM

Ivanti Connect Secure < 22.7R2.6 & Policy Secure < 22.7R1.3 - Sensitive Data Exposure via Cleartext Storage

CVE-2024-13842 MEDIUM

Ivanti Connect/Ivanti Policy <22.7R2.3/<22.7R1.3 - Info Disclosure

CVE-2024-13830 MEDIUM

Ivanti Connect Secure < 22.7R2.6 and Policy Secure < 22.7R1.3 - Unauthenticated Reflected Cross-Site Scripting

CVE-2024-13813 HIGH

Ivanti Secure Access Client < 22.8 - Authenticated Arbitrary File Deletion

CVE-2024-12058 MEDIUM

Ivanti Connect/Ivanti Policy <22.7R2.6/<22.7R1.3 - Path Traversal

Previous Page 4 of 20 Next

Products

connect_secure 130 avalanche 117 endpoint_manager 116 policy_secure 77 endpoint_manager_mobile 28 workspace_control 22 secure_access_client 20 zero_trust_access_gateway 17 neurons_for_secure_access 15 cloud_services_appliance 7 Endpoint Manager Mobile 6 desktop_\&_server_management 6 landesk_management_suite 6 neurons_for_itsm 6 endpoint_manager_cloud_services_appliance 5 neurons_for_zero-trust_access 5 Endpoint Manager 3 Secure Access Client 3 incapptic_connect 3 security_controls 3 Connect Secure 2 Neurons for ITSM (Cloud) 2 Neurons for ITSM (On-Premise) 2 application_control 2 automation 2 mobileiron 2 standalone_sentry 2 virtual_traffic_manager 2 LANDesk Management Suite 1 Policy Secure 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy