Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.10 views

CVE-2026-8110

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges...

7.8CVSS5.4AI score0.00245EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 2:33 p.m.10 views

CVE-2026-8111

CVE-2026-8111 describes an SQL injection in the web console of Ivanti Endpoint Manager prior to 2024 SU6. The vulnerability allows a remote authenticated attacker to achieve remote code execution via the web console, as indicated by the description and CVSS metrics (High, 8.8). Affected product: ...

8.8CVSS6.2AI score0.00883EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/12 2:33 p.m.26 views

CVE-2026-8111

SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...

8.8CVSS0.00883EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 2:31 p.m.11 views

CVE-2026-8110

CVE-2026-8110 affects the Ivanti Endpoint Manager agent prior to 2024 SU6. The issue is an incorrect permissions assignment in the agent that allows a local authenticated attacker to escalate privileges (local, low complexity, no user interaction). The impact is elevated confidentiality, integrit...

7.8CVSS5.8AI score0.00245EPSS
Exploits0References1Affected Software1
Ivanti
Ivanti
added 2026/05/12 1:59 p.m.32 views

Security Advisory Ivanti Endpoint Manager (EPM) May 2026

Security Advisory Ivanti Endpoint Manager EPM CVE-2026-8109, CVE-2026-8110, CVE-2026-811 Summary Ivanti has released updates for Ivanti Endpoint Manager which addresses one Medium severity and two High severity vulnerabilities. Successful exploitation could lead to information disclosure, privile...

8.8CVSS6.3AI score0.00883EPSS
Exploits0
Cvelist
Cvelist
added 2024/09/12 1:9 a.m.34 views

CVE-2024-34779

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution...

9.1CVSS0.24005EPSS
Exploits0References1
Rows per page
Query Builder