ivanti
496 tracked vulnerabilities.
CVE-2024-50323
HIGH
Ivanti Endpoint Manager SQL Injection (Unauthenticated)
Nov 12, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-50322
HIGH
Ivanti Endpoint Manager Path Traversal (Unauthenticated)
Nov 12, 2024
CVSS 7.8
EPSS 0.11
CVE-2024-50321
HIGH
Ivanti Avalanche < 6.4.6 - Unauthenticated Denial of Service via Infinite Loop
Nov 12, 2024
CVSS 7.5
EPSS 0.06
CVE-2024-50320
HIGH
Ivanti Avalanche < 6.4.6 - Unauthenticated Denial of Service via Infinite Loop
Nov 12, 2024
CVSS 7.5
EPSS 0.44
CVE-2024-50319
HIGH
Ivanti Avalanche < 6.4.6 - Unauthenticated Denial of Service via Infinite Loop
Nov 12, 2024
CVSS 7.5
EPSS 0.06
CVE-2024-50318
HIGH
Ivanti Avalanche < 6.4.6 - Unauthenticated Denial of Service via Null Pointer Dereference
Nov 12, 2024
CVSS 7.5
EPSS 0.06
CVE-2024-50317
HIGH
Ivanti Avalanche < 6.4.6 - Unauthenticated Denial of Service via Null Pointer Dereference
Nov 12, 2024
CVSS 7.5
EPSS 0.06
CVE-2024-47909
MEDIUM
Ivanti Connect Secure < 22.7R2.3 & Policy Secure < 22.7R1.2 - DoS via Stack Overflow
Nov 12, 2024
CVSS 4.9
EPSS 0.02
CVE-2024-47907
HIGH
Ivanti Connect Secure < 22.7 - Unauthenticated Denial of Service via IPsec Stack-Based Buffer Overflow
Nov 12, 2024
CVSS 7.5
EPSS 0.03
CVE-2024-47906
HIGH
Ivanti Connect Secure <22.7R2.3 - Privilege Escalation
Nov 12, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-47905
MEDIUM
Ivanti Connect Secure < 22.7R2.3 & Policy Secure < 22.7R1.2 - DoS via Stack Overflow
Nov 12, 2024
CVSS 4.9
EPSS 0.02
CVE-2024-11007
CRITICAL
Ivanti Connect Secure < 22.7R2.1 and Policy Secure < 22.7R1.1 - Authenticated Remote Code Execution
Nov 12, 2024
CVSS 9.1
EPSS 0.18
CVE-2024-37404
HIGH
Ivanti Connect Secure Authenticated Remote Code Execution via OpenSSL CRLF Injection
Oct 18, 2024
CVSS 8.8
EPSS 0.86
CVE-2024-29821
HIGH
Ivanti DSM <2024.2 - Privilege Escalation
Oct 18, 2024
CVSS 7.8
EPSS 0.01
CVE-2024-29213
HIGH
Ivanti DSM < 2024.2 - Privilege Escalation
Oct 18, 2024
CVSS 7.8
EPSS 0.01
CVE-2024-9381
HIGH
Ivanti Endpoint Manager Cloud Services Appliance < 5.0.2 - Authenticated Path Traversal
Oct 08, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-9380
HIGH
KEV
Ivanti Endpoint Manager Cloud Services Appliance < 5.0.2 - Authenticated Remote Code Execution via Admin Web Console
Oct 08, 2024
CVSS 7.2
EPSS 0.87
CVE-2024-9379
MEDIUM
KEV
Ivanti Endpoint Manager Cloud Services Appliance < 5.0.2 - Authenticated SQL Injection in Admin Web Console
Oct 08, 2024
CVSS 6.5
EPSS 0.79
CVE-2024-9167
HIGH
Ivanti Velocity License Server < 5.2 - Authenticated Local Privilege Escalation via Insecure Permissions
Oct 08, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-7612
HIGH
Ivanti Endpoint Manager Mobile < 12.1.0.4 - Authenticated Insecure Permission Assignment
Oct 08, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-47011
HIGH
Ivanti Avalanche <6.4.5 - Path Traversal
Oct 08, 2024
CVSS 7.5
EPSS 0.44
CVE-2024-47010
HIGH
Ivanti Avalanche <6.4.5 - Path Traversal
Oct 08, 2024
CVSS 7.3
EPSS 0.01
CVE-2024-47009
HIGH
Ivanti Avalanche <6.4.5 - Path Traversal
Oct 08, 2024
CVSS 7.3
EPSS 0.01
CVE-2024-47008
HIGH
Ivanti Avalanche < 6.4.5 - Unauthenticated Server-Side Request Forgery
Oct 08, 2024
CVSS 7.5
EPSS 0.46
CVE-2024-47007
HIGH
Ivanti Avalanche < 6.4.5 - Unauthenticated Denial of Service via NULL Pointer Dereference
Oct 08, 2024
CVSS 7.5
EPSS 0.04
Products
connect_secure 130
avalanche 117
endpoint_manager 116
policy_secure 77
endpoint_manager_mobile 28
workspace_control 22
secure_access_client 20
zero_trust_access_gateway 17
neurons_for_secure_access 15
cloud_services_appliance 7
Endpoint Manager Mobile 6
desktop_\&_server_management 6
landesk_management_suite 6
neurons_for_itsm 6
endpoint_manager_cloud_services_appliance 5
neurons_for_zero-trust_access 5
Endpoint Manager 3
Secure Access Client 3
incapptic_connect 3
security_controls 3
Connect Secure 2
Neurons for ITSM (Cloud) 2
Neurons for ITSM (On-Premise) 2
application_control 2
automation 2
mobileiron 2
standalone_sentry 2
virtual_traffic_manager 2
LANDesk Management Suite 1
Policy Secure 1
Quick Filters