Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ivanti vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-39336
An unspecified SQL Injection vulnerability in Ivanti Endpoint Manager released before 2022 SU 5 allows an attacker with access to the internal network to execute arbitrary SQL queries and retrieve output without the need for authentication. Under specific circumstances, this may ...
Ivanti Endpoint Manager 2022
Ivanti Endpoint Manager
5
CVSSv2
CVE-2018-20811
A hidden RPC service issue was found with Pulse Secure Pulse Connect Secure 8.3RX prior to 8.3R2 and 8.1RX prior to 8.1R12.
Ivanti Connect Secure 8.1
Ivanti Connect Secure 8.3
7.5
CVSSv2
CVE-2021-22893
Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code ex...
Ivanti Connect Secure 9.1
Ivanti Connect Secure 9.0
9 Github repositories
6 Articles
4.3
CVSSv2
CVE-2019-11507
In Pulse Secure Pulse Connect Secure (PCS) 8.3.x prior to 8.3R7.1 and 9.0.x prior to 9.0R3, an XSS issue has been found on the Application Launcher page.
Ivanti Connect Secure 9.0
Ivanti Connect Secure 8.3
9
CVSSv2
CVE-2020-13774
An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivanti Endpoint Manager 2019.1 and 2020.1 allows an authenticated malicious user to gain remote code execution by uploading a malicious aspx file. The issue is caused by insufficient file extension validation and in...
Ivanti Endpoint Manager 2019.1
Ivanti Endpoint Manager 2020.1
NA
CVE-2023-38043
A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated malicious user to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine and, in some ca...
Ivanti Secure Access Client
Ivanti Secure Access Client 22.6
NA
CVE-2023-28129
DSM 2022.2 SU2 and all prior versions allows a local low privileged account to execute arbitrary OS commands as the DSM software installation user.
Ivanti Desktop & Server Management 2022.2
Ivanti Desktop & Server Management
NA
CVE-2023-38543
A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated malicious user to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine.
Ivanti Secure Access Client
Ivanti Secure Access Client 22.6
NA
CVE-2023-35080
A vulnerability has been identified in the Ivanti Secure Access Windows client, which could allow a locally authenticated malicious user to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service...
Ivanti Secure Access Client
Ivanti Secure Access Client 22.6
1 Github repository
NA
CVE-2023-41718
When a particular process flow is initiated, an attacker may be able to gain unauthorized elevated privileges on the affected system when having control over a specific file.
Ivanti Secure Access Client 22.2
Ivanti Secure Access Client 22.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »