Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ivanti vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-44529
A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody).
Ivanti Endpoint Manager Cloud Services Appliance
Ivanti Endpoint Manager Cloud Services Appliance 4.6
1 Metasploit module
2 Github repositories
9
CVSSv2
CVE-2021-22908
A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user. As of version 9.1R3, this permission is not enabled by default.
Pulsesecure Pulse Connect Secure 9.0rx
Ivanti Connect Secure 9.1
Ivanti Connect Secure 9.0
NA
CVE-2023-46803
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS).
Ivanti Avalanche
NA
CVE-2023-46804
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS).
Ivanti Avalanche
NA
CVE-2022-43554
Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation Vulnerability
Ivanti Avalanche
NA
CVE-2022-43555
Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation Vulnerability
Ivanti Avalanche
NA
CVE-2023-41725
Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability
Ivanti Avalanche
NA
CVE-2023-41726
Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability
Ivanti Avalanche
NA
CVE-2023-41727
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
Ivanti Avalanche
NA
CVE-2023-38041
A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system.
Ivanti Secure Access Client
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »