Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / ivanti

ivanti

496 tracked vulnerabilities.

CVE-2024-11771 MEDIUM

Ivanti Cloud Services Appliance < 5.0.5 - Unauthenticated Path Traversal

CVE-2024-10644 CRITICAL

Ivanti Connect Secure < 22.7R2.4 and Policy Secure < 22.7R1.3 - Authenticated Remote Code Execution via Code Injection

CVE-2024-13172 HIGH

Ivanti Endpoint Manager < 2022 SU6 - Remote Code Execution via Cryptographic Issue

CVE-2024-13171 HIGH

Ivanti Endpoint Manager < 2022 - Unauthenticated Remote Code Execution via Insufficient Filename Validation

CVE-2024-13170 HIGH

Ivanti Endpoint Manager < 2024 January-2025 SU / 2022 SU6 January-2025 SU - DoS via Out-of-bounds Write

CVE-2024-13169 HIGH

Ivanti Endpoint Manager < 2022 SU6 - Authenticated Privilege Escalation via Out-of-bounds Read

CVE-2024-13168 HIGH

Ivanti Endpoint Manager < 2024 Jan-2025 SU & 2022 SU6 Jan-2025 SU - Unauthenticated DoS via Out-of-bounds Write

CVE-2024-13167 HIGH

Ivanti Endpoint Manager < 2022 SU6 - Unauthenticated Denial of Service via Out-of-bounds Write

CVE-2024-13166 HIGH

Ivanti Endpoint Manager < 2022 SU6 - Unauthenticated Denial of Service via Out-of-bounds Write

CVE-2024-13165 HIGH

Ivanti Endpoint Manager < 2022 SU6 - Unauthenticated Denial of Service via Out-of-bounds Write

CVE-2024-13164 HIGH

Ivanti Endpoint Manager < 2022 SU6 - Authenticated Privilege Escalation via Uninitialized Resource

CVE-2024-13163 HIGH

Ivanti EPM <2024 - Remote Code Execution

CVE-2024-13162 HIGH

Ivanti Endpoint Manager < 2022 SU6 - Authenticated SQL Injection

CVE-2024-13161 CRITICAL KEVNUCLEI

Ivanti Endpoint Manager < 2022 - Unauthenticated Absolute Path Traversal

CVE-2024-13160 CRITICAL KEVNUCLEI

Ivanti Endpoint Manager < 2022 SU6 - Unauthenticated Absolute Path Traversal

CVE-2024-13159 CRITICAL KEVNUCLEI

Ivanti Endpoint Manager < 2022 - Unauthenticated Absolute Path Traversal

CVE-2024-13158 HIGH

Ivanti Endpoint Manager < 2024 - Authenticated Remote Code Execution via Unbounded Resource Search Path

CVE-2024-13181 HIGH

Ivanti Avalanche <6.4.7 - Path Traversal

CVE-2024-13180 HIGH

Ivanti Avalanche <6.4.7 - Path Traversal

CVE-2024-13179 HIGH

Ivanti Avalanche <6.4.7 - Path Traversal

CVE-2024-10811 CRITICAL

Ivanti Endpoint Manager < 2022 SU6 - Unauthenticated Path Traversal

CVE-2024-10630 HIGH

Ivanti Application Control Engine <10.14.4.0 - Privilege Escalation

CVE-2024-37401 HIGH

Ivanti Connect Secure < 22.7R2.1 - Unauthenticated Denial of Service via IPsec Out-of-bounds Read

CVE-2024-37377 HIGH

Ivanti Connect Secure < 22.7 - Unauthenticated Denial of Service via IPsec Heap-Based Buffer Overflow

CVE-2024-9845 HIGH

Ivanti Automation < 2024.4.0.1 - Authenticated Local Privilege Escalation via Insecure Permissions

Previous Page 5 of 20 Next

Products

connect_secure 130 avalanche 117 endpoint_manager 116 policy_secure 77 endpoint_manager_mobile 28 workspace_control 22 secure_access_client 20 zero_trust_access_gateway 17 neurons_for_secure_access 15 cloud_services_appliance 7 Endpoint Manager Mobile 6 desktop_\&_server_management 6 landesk_management_suite 6 neurons_for_itsm 6 endpoint_manager_cloud_services_appliance 5 neurons_for_zero-trust_access 5 Endpoint Manager 3 Secure Access Client 3 incapptic_connect 3 security_controls 3 Connect Secure 2 Neurons for ITSM (Cloud) 2 Neurons for ITSM (On-Premise) 2 application_control 2 automation 2 mobileiron 2 standalone_sentry 2 virtual_traffic_manager 2 LANDesk Management Suite 1 Policy Secure 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy