Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ivanti vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-11463
In Ivanti Service Desk (formerly LANDESK Management Suite) versions between 2016.3 and 2017.3, an Unrestricted Direct Object Reference leads to referencing/updating objects belonging to other users. In other words, a normal user can send requests to a specific URI with the target...
Ivanti Endpoint Manager 2017.3
Ivanti Endpoint Manager 2016.4
Ivanti Endpoint Manager 2017.1
9.8
CVSSv3
CVE-2019-10651
An issue exists in the Core Server in Ivanti Endpoint Manager (EPM) 2017.3 before SU7 and 2018.x prior to 2018.3 SU3, with remote code execution. In other words, the issue affects 2017.3, 2018.1, and 2018.3 installations that lack the April 2019 update.
Ivanti Endpoint Manager 2018.3
Ivanti Endpoint Manager 2018.1
Ivanti Endpoint Manager 2017.3
7.8
CVSSv3
CVE-2023-38043
A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated malicious user to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine and, in some ca...
Ivanti Secure Access Client
Ivanti Secure Access Client 22.6
7.8
CVSSv3
CVE-2023-35080
A vulnerability has been identified in the Ivanti Secure Access Windows client, which could allow a locally authenticated malicious user to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service...
Ivanti Secure Access Client
Ivanti Secure Access Client 22.6
1 Github repository
7.8
CVSSv3
CVE-2023-38543
A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated malicious user to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine.
Ivanti Secure Access Client
Ivanti Secure Access Client 22.6
8.8
CVSSv3
CVE-2019-11509
In Pulse Secure Pulse Connect Secure (PCS) prior to 8.1R15.1, 8.2 prior to 8.2R12.1, 8.3 prior to 8.3R7.1, and 9.0 prior to 9.0R3.4 and Pulse Policy Secure (PPS) prior to 5.1R15.1, 5.2 prior to 5.2R12.1, 5.3 prior to 5.3R15.1, 5.4 prior to 5.4R7.1, and 9.0 prior to 9.0R3.2, an au...
Ivanti Connect Secure 9.0
Ivanti Connect Secure 8.1
Ivanti Connect Secure 8.2
Ivanti Connect Secure 8.3
Pulsesecure Pulse Policy Secure 5.2
Pulsesecure Pulse Policy Secure 5.4
Ivanti Policy Secure 9.0
7.8
CVSSv3
CVE-2023-41718
When a particular process flow is initiated, an attacker may be able to gain unauthorized elevated privileges on the affected system when having control over a specific file.
Ivanti Secure Access Client 22.2
Ivanti Secure Access Client 22.3
5.5
CVSSv3
CVE-2023-38544
A logged in user can modify specific files that may lead to unauthorized changes in system-wide configuration settings. This vulnerability could be exploited to compromise the integrity and security of the network on the affected system.
Ivanti Secure Access Client 22.2
Ivanti Secure Access Client 22.3
8.8
CVSSv3
CVE-2023-39336
An unspecified SQL Injection vulnerability in Ivanti Endpoint Manager released before 2022 SU 5 allows an attacker with access to the internal network to execute arbitrary SQL queries and retrieve output without the need for authentication. Under specific circumstances, this may ...
Ivanti Endpoint Manager 2022
Ivanti Endpoint Manager
9.8
CVSSv3
CVE-2023-28323
A deserialization of untrusted data exists in EPM 2022 Su3 and all prior versions that allows an unauthenticated user to elevate rights. This exploit could potentially be used in conjunction with other OS (Operating System) vulnerabilities to escalate privileges on the machine or...
Ivanti Endpoint Manager 2022
Ivanti Endpoint Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »