ivanti
500 tracked vulnerabilities.
CVE-2024-47010
HIGH
Ivanti Avalanche <6.4.5 - Path Traversal
Oct 08, 2024
CVSS 7.3
EPSS 0.38
CVE-2024-47009
HIGH
Ivanti Avalanche <6.4.5 - Path Traversal
Oct 08, 2024
CVSS 7.3
EPSS 0.02
CVE-2024-47008
HIGH
Ivanti Avalanche < 6.4.5 - Unauthenticated Server-Side Request Forgery
Oct 08, 2024
CVSS 7.5
EPSS 0.47
CVE-2024-47007
HIGH
Ivanti Avalanche < 6.4.5 - Unauthenticated Denial of Service via NULL Pointer Dereference
Oct 08, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-8963
CRITICAL
KEVNUCLEI
Ivanti Endpoint Manager Cloud Services Appliance - Unauthenticated Path Traversal
Sep 19, 2024
CVSS 9.4
EPSS 0.99
CVE-2024-37397
HIGH
Ivanti Endpoint Manager < 2022 SU6 - Unauthenticated XML External Entity Injection
Sep 12, 2024
CVSS 8.2
EPSS 0.59
CVE-2024-34785
HIGH
Ivanti Endpoint Manager < 2022 SU6 and 2024 < September Update - Authenticated SQL Injection
Sep 12, 2024
CVSS 7.2
EPSS 0.25
CVE-2024-34783
HIGH
Ivanti Endpoint Manager < 2022 SU6 - Authenticated SQL Injection
Sep 12, 2024
CVSS 7.2
EPSS 0.43
CVE-2024-34779
HIGH
Ivanti Endpoint Manager < 2022 SU6 - Authenticated SQL Injection
Sep 12, 2024
CVSS 7.2
EPSS 0.24
CVE-2024-32848
HIGH
Ivanti Endpoint Manager < 2022 SU6 and 2024 < September Update - Authenticated SQL Injection
Sep 12, 2024
CVSS 7.2
EPSS 0.43
CVE-2024-32846
HIGH
Ivanti Endpoint Manager < 2022 SU6 - Authenticated SQL Injection
Sep 12, 2024
CVSS 7.2
EPSS 0.02
CVE-2024-32845
HIGH
Ivanti Endpoint Manager < 2022 SU6 and 2024 < September Update - Authenticated SQL Injection
Sep 12, 2024
CVSS 7.2
EPSS 0.24
CVE-2024-32843
HIGH
Ivanti Endpoint Manager < 2022 SU6 and 2024 < September Update - Authenticated SQL Injection
Sep 12, 2024
CVSS 7.2
EPSS 0.02
CVE-2024-32842
HIGH
Ivanti Endpoint Manager < 2022 SU6 and 2024 < September Update - Authenticated SQL Injection
Sep 12, 2024
CVSS 7.2
EPSS 0.02
CVE-2024-32840
HIGH
Ivanti Endpoint Manager < 2022 SU6 and 2024 < September Update - Authenticated SQL Injection
Sep 12, 2024
CVSS 7.2
EPSS 0.25
CVE-2024-29847
CRITICAL
Ivanti EPM <2022 SU6-2024 September - Code Injection
Sep 12, 2024
CVSS 9.8
EPSS 0.53
CVE-2024-8441
MEDIUM
Ivanti EPM <2022 SU6-2024 September - Privilege Escalation
Sep 10, 2024
CVSS 6.7
EPSS 0.00
CVE-2024-8322
MEDIUM
Ivanti EPM <2022 SU6-2024 September - Auth Bypass
Sep 10, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-8321
MEDIUM
Ivanti EPM <2022 SU6-2024 September - Unauthenticated DoS
Sep 10, 2024
CVSS 5.8
EPSS 0.02
CVE-2024-8320
MEDIUM
Ivanti EPM <2022 SU6-2024 September - Auth Bypass
Sep 10, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-8191
HIGH
Ivanti EPM <2022 SU6-2024 September - RCE
Sep 10, 2024
CVSS 7.8
EPSS 0.20
CVE-2024-8190
HIGH
KEV
Ivanti Cloud Services Appliance <4.6.518 - Command Injection
Sep 10, 2024
CVSS 7.2
EPSS 0.89
CVE-2024-8012
HIGH
Ivanti Workspace Control <2025.2 - Privilege Escalation
Sep 10, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-44107
HIGH
Ivanti Workspace Control < 10.18.99.0 - Authenticated DLL Hijacking
Sep 10, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-44106
HIGH
Ivanti Workspace Control <2025.2 - Privilege Escalation
Sep 10, 2024
CVSS 8.8
EPSS 0.00
Products
connect_secure 130
avalanche 117
endpoint_manager 116
policy_secure 77
endpoint_manager_mobile 28
workspace_control 22
secure_access_client 21
zero_trust_access_gateway 17
neurons_for_secure_access 15
Endpoint Manager Mobile 7
cloud_services_appliance 7
desktop_\&_server_management 6
landesk_management_suite 6
neurons_for_itsm 6
endpoint_manager_cloud_services_appliance 5
neurons_for_zero-trust_access 5
standalone_sentry 4
Endpoint Manager 3
Neurons for ITSM (Cloud) 3
Secure Access Client 3
Sentry 3
incapptic_connect 3
security_controls 3
Connect Secure 2
Neurons for ITSM (On-Premise) 2
application_control 2
automation 2
mobileiron 2
virtual_traffic_manager 2
LANDesk Management Suite 1
Quick Filters