Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: ivanti Clear
ID Title
CVE-2026-10523 Vulnerability in ivanti (CVE-2026-10523)
vulnerability in ivanti (CVE-2026-10523). Successful exploitation can lead to full system takeover.
CVE-2026-10520 KEV [KEV] OS Command Injection in Ivanti standalone-sentry (CVE-2026-10520)
OS command injection in Ivanti standalone-sentry (CVE-2026-10520). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-8111 SQL Injection in sqli (CVE-2026-8111)
SQL injection in sqli (CVE-2026-8111). Successful exploitation can lead to full system takeover.
CVE-2026-8110 Vulnerability in ivanti (CVE-2026-8110)
vulnerability in ivanti (CVE-2026-8110). Successful exploitation can lead to full system takeover.
CVE-2026-8109 Vulnerability in ivanti (CVE-2026-8109)
vulnerability in ivanti (CVE-2026-8109). Confidential information can be exposed externally.
CVE-2026-8051 OS Command Injection in ivanti (CVE-2026-8051)
OS command injection in ivanti (CVE-2026-8051). Successful exploitation can lead to full system takeover.
CVE-2026-8043 Vulnerability in ivanti (CVE-2026-8043)
vulnerability in ivanti (CVE-2026-8043). Confidential information can be exposed externally.
CVE-2026-7432 Vulnerability in ivanti (CVE-2026-7432)
vulnerability in ivanti (CVE-2026-7432). Successful exploitation can lead to full system takeover.
CVE-2026-7431 Vulnerability in ivanti (CVE-2026-7431)
vulnerability in ivanti (CVE-2026-7431). Risk of unauthorized operations or information disclosure.
CVE-2026-6973 KEV [KEV] Vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973)
vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-1340 KEV [KEV] Code Injection in Ivanti endpoint-manager-mobile-epmm (CVE-2026-1340)
code injection in Ivanti endpoint-manager-mobile-epmm (CVE-2026-1340). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-1603 KEV [KEV] Vulnerability in Ivanti endpoint-manager-epm (CVE-2026-1603)
vulnerability in Ivanti endpoint-manager-epm (CVE-2026-1603). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-1281 KEV [KEV] Code Injection in Ivanti endpoint-manager-mobile-epmm (CVE-2026-1281)
code injection in Ivanti endpoint-manager-mobile-epmm (CVE-2026-1281). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-4428 KEV [KEV] Code Injection in Ivanti endpoint-manager-mobile-epmm (CVE-2025-4428)
code injection in Ivanti endpoint-manager-mobile-epmm (CVE-2025-4428). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-4427 KEV [KEV] Vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2025-4427)
vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2025-4427). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-22457 KEV [KEV] Vulnerability in Ivanti connect-secure (CVE-2025-22457)
vulnerability in Ivanti connect-secure (CVE-2025-22457). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-13161 KEV [KEV] Vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13161)
vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13161). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-13160 KEV [KEV] Vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13160)
vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13160). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-13159 KEV [KEV] Vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13159)
vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13159). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-0282 KEV [KEV] Vulnerability in Ivanti connect-secure (CVE-2025-0282)
vulnerability in Ivanti connect-secure (CVE-2025-0282). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-9379 KEV [KEV] SQL Injection in Ivanti cloud-services-appliance-csa (CVE-2024-9379)
SQL injection in Ivanti cloud-services-appliance-csa (CVE-2024-9379). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-9380 KEV [KEV] Command Injection in Ivanti cloud-services-appliance-csa (CVE-2024-9380)
command injection in Ivanti cloud-services-appliance-csa (CVE-2024-9380). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-29824 KEV [KEV] SQL Injection in Ivanti endpoint-manager-epm (CVE-2024-29824)
SQL injection in Ivanti endpoint-manager-epm (CVE-2024-29824). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-7593 KEV [KEV] Authentication Bypass in Ivanti virtual-traffic-manager (CVE-2024-7593)
authentication bypass in Ivanti virtual-traffic-manager (CVE-2024-7593). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2024-8963 KEV [KEV] Path Traversal in Ivanti cloud-services-appliance-csa (CVE-2024-8963)
path traversal in Ivanti cloud-services-appliance-csa (CVE-2024-8963). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-8190 KEV [KEV] OS Command Injection in Ivanti cloud-services-appliance (CVE-2024-8190)
OS command injection in Ivanti cloud-services-appliance (CVE-2024-8190). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-44529 KEV [KEV] Code Injection in Ivanti endpoint-manager-cloud-service-appliance-epm-csa (CVE-2021-44529)
code injection in Ivanti endpoint-manager-cloud-service-appliance-epm-csa (CVE-2021-44529). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21893 KEV [KEV] SSRF (Server-Side Request Forgery) in Ivanti connect-secure (CVE-2024-21893)
SSRF in Ivanti connect-secure (CVE-2024-21893). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-35082 KEV [KEV] Authentication Bypass in Ivanti endpoint-manager-mobile-epmm-and-mobileiron-core (CVE-2023-35082)
authentication bypass in Ivanti endpoint-manager-mobile-epmm-and-mobileiron-core (CVE-2023-35082). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21887 KEV [KEV] Command Injection in Ivanti connect-secure-and-policy-secure (CVE-2024-21887)
command injection in Ivanti connect-secure-and-policy-secure (CVE-2024-21887). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-46805 KEV [KEV] Authentication Bypass in Ivanti connect-secure-and-policy-secure (CVE-2023-46805)
authentication bypass in Ivanti connect-secure-and-policy-secure (CVE-2023-46805). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-38035 KEV [KEV] Authorization Flaw in Ivanti sentry (CVE-2023-38035)
vulnerability in Ivanti sentry (CVE-2023-38035). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-35081 KEV [KEV] Path Traversal in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35081)
path traversal in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35081). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-35078 KEV [KEV] Authentication Bypass in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35078)
authentication bypass in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35078). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-11510 KEV [KEV] Path Traversal in Ivanti pulse-connect-secure (CVE-2019-11510)
path traversal in Ivanti pulse-connect-secure (CVE-2019-11510). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-11539 KEV [KEV] OS Command Injection in Ivanti pulse-connect-secure-and-pulse-policy-secure (CVE-2019-11539)
OS command injection in Ivanti pulse-connect-secure-and-pulse-policy-secure (CVE-2019-11539). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-22899 KEV [KEV] Command Injection in Ivanti pulse-connect-secure (CVE-2021-22899)
command injection in Ivanti pulse-connect-secure (CVE-2021-22899). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-8260 KEV [KEV] Unrestricted File Upload in Ivanti pulse-connect-secure (CVE-2020-8260)
vulnerability in Ivanti pulse-connect-secure (CVE-2020-8260). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-22894 KEV [KEV] Code Injection in Ivanti pulse-connect-secure (CVE-2021-22894)
code injection in Ivanti pulse-connect-secure (CVE-2021-22894). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-22900 KEV [KEV] Code Injection in Ivanti pulse-connect-secure (CVE-2021-22900)
code injection in Ivanti pulse-connect-secure (CVE-2021-22900). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-8243 KEV [KEV] Code Injection in Ivanti pulse-connect-secure (CVE-2020-8243)
code injection in Ivanti pulse-connect-secure (CVE-2020-8243). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-22893 KEV [KEV] Authentication Bypass in Ivanti pulse-connect-secure (CVE-2021-22893)
authentication bypass in Ivanti pulse-connect-secure (CVE-2021-22893). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-15505 KEV [KEV] Vulnerability in Ivanti mobileiron-multiple-products (CVE-2020-15505)
vulnerability in Ivanti mobileiron-multiple-products (CVE-2020-15505). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-11463 Vulnerability in ivanti (CVE-2017-11463)
vulnerability in ivanti (CVE-2017-11463). Successful exploitation can lead to full system takeover.
CVE-2017-11455 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-11455)
vulnerability in csrf (CVE-2017-11455). Successful exploitation can lead to full system takeover.
CVE-2016-3147 Buffer Overflow in dos (CVE-2016-3147)
vulnerability in dos (CVE-2016-3147). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →