ivanti

500 tracked vulnerabilities.

CVE-2024-13842 MEDIUM
Ivanti Connect/Ivanti Policy <22.7R2.3/<22.7R1.3 - Info Disclosure
Feb 11, 2025
CVSS 6.0
EPSS 0.00
CVE-2024-13830 MEDIUM
Ivanti Connect Secure < 22.7R2.6 and Policy Secure < 22.7R1.3 - Unauthenticated Reflected Cross-Site Scripting
Feb 11, 2025
CVSS 6.1
EPSS 0.01
CVE-2024-13813 HIGH
Ivanti Secure Access Client < 22.8 - Authenticated Arbitrary File Deletion
Feb 11, 2025
CVSS 7.1
EPSS 0.00
CVE-2024-12058 MEDIUM
Ivanti Connect/Ivanti Policy <22.7R2.6/<22.7R1.3 - Path Traversal
Feb 11, 2025
CVSS 6.8
EPSS 0.01
CVE-2024-11771 MEDIUM
Ivanti Cloud Services Appliance < 5.0.5 - Unauthenticated Path Traversal
Feb 11, 2025
CVSS 5.3
EPSS 0.01
CVE-2024-10644 CRITICAL
Ivanti Connect Secure < 22.7R2.4 and Policy Secure < 22.7R1.3 - Authenticated Remote Code Execution via Code Injection
Feb 11, 2025
CVSS 9.1
EPSS 0.02
CVE-2024-13172 HIGH
Ivanti Endpoint Manager < 2022 SU6 - Remote Code Execution via Cryptographic Issue
Jan 14, 2025
CVSS 7.8
EPSS 0.01
CVE-2024-13171 HIGH
Ivanti Endpoint Manager < 2022 - Unauthenticated Remote Code Execution via Insufficient Filename Validation
Jan 14, 2025
CVSS 7.8
EPSS 0.18
CVE-2024-13170 HIGH
Ivanti Endpoint Manager < 2024 January-2025 SU / 2022 SU6 January-2025 SU - DoS via Out-of-bounds Write
Jan 14, 2025
CVSS 7.5
EPSS 0.02
CVE-2024-13169 HIGH
Ivanti Endpoint Manager < 2022 SU6 - Authenticated Privilege Escalation via Out-of-bounds Read
Jan 14, 2025
CVSS 7.8
EPSS 0.00
CVE-2024-13168 HIGH
Ivanti Endpoint Manager < 2024 Jan-2025 SU & 2022 SU6 Jan-2025 SU - Unauthenticated DoS via Out-of-bounds Write
Jan 14, 2025
CVSS 7.5
EPSS 0.02
CVE-2024-13167 HIGH
Ivanti Endpoint Manager < 2022 SU6 - Unauthenticated Denial of Service via Out-of-bounds Write
Jan 14, 2025
CVSS 7.5
EPSS 0.02
CVE-2024-13166 HIGH
Ivanti Endpoint Manager < 2022 SU6 - Unauthenticated Denial of Service via Out-of-bounds Write
Jan 14, 2025
CVSS 7.5
EPSS 0.02
CVE-2024-13165 HIGH
Ivanti Endpoint Manager < 2022 SU6 - Unauthenticated Denial of Service via Out-of-bounds Write
Jan 14, 2025
CVSS 7.5
EPSS 0.02
CVE-2024-13164 HIGH
Ivanti Endpoint Manager < 2022 SU6 - Authenticated Privilege Escalation via Uninitialized Resource
Jan 14, 2025
CVSS 7.8
EPSS 0.00
CVE-2024-13163 HIGH
Ivanti EPM <2024 - Remote Code Execution
Jan 14, 2025
CVSS 7.8
EPSS 0.09
CVE-2024-13162 HIGH
Ivanti Endpoint Manager < 2022 SU6 - Authenticated SQL Injection
Jan 14, 2025
CVSS 7.2
EPSS 0.64
CVE-2024-13161 CRITICAL KEVNUCLEI
Ivanti Endpoint Manager < 2022 - Unauthenticated Absolute Path Traversal
Jan 14, 2025
CVSS 9.8
EPSS 0.89
CVE-2024-13160 CRITICAL KEVNUCLEI
Ivanti Endpoint Manager < 2022 SU6 - Unauthenticated Absolute Path Traversal
Jan 14, 2025
CVSS 9.8
EPSS 0.90
CVE-2024-13159 CRITICAL KEVNUCLEI
Ivanti Endpoint Manager < 2022 - Unauthenticated Absolute Path Traversal
Jan 14, 2025
CVSS 9.8
EPSS 1.00
CVE-2024-13158 HIGH
Ivanti Endpoint Manager < 2024 - Authenticated Remote Code Execution via Unbounded Resource Search Path
Jan 14, 2025
CVSS 7.2
EPSS 0.03
CVE-2024-13181 HIGH
Ivanti Avalanche <6.4.7 - Path Traversal
Jan 14, 2025
CVSS 7.3
EPSS 0.32
CVE-2024-13180 HIGH
Ivanti Avalanche <6.4.7 - Path Traversal
Jan 14, 2025
CVSS 7.5
EPSS 0.28
CVE-2024-13179 HIGH
Ivanti Avalanche <6.4.7 - Path Traversal
Jan 14, 2025
CVSS 7.3
EPSS 0.62
CVE-2024-10811 CRITICAL
Ivanti Endpoint Manager < 2022 SU6 - Unauthenticated Path Traversal
Jan 14, 2025
CVSS 9.8
EPSS 0.03