Lucene search
K

70 matches found

EUVD
EUVD
added 2026/05/12 3:31 p.m.14 views

EUVD-2026-29489

An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials...

6.5CVSS5.8AI score0.00701EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 3:16 p.m.12 views

CVE-2026-8110

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges...

7.8CVSS0.00245EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 3:16 p.m.10 views

CVE-2026-8109

An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials...

6.5CVSS0.00701EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 2:29 p.m.8 views

CVE-2026-8109

An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials...

6.5CVSS5.8AI score0.00701EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Ivanti Endpoint Manager 安全漏洞

Ivanti Endpoint Manager EPM is a set of endpoint security managers developed by the American company Ivanti. Versions of Ivanti Endpoint Manager prior to EPM 2024 SU6 contained security vulnerabilities. These vulnerabilities were due to improper delegation of permissions by agents, which could...

7.8CVSS5.8AI score0.00245EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Ivanti Endpoint Manager(EPM) SQL注入漏洞

Ivanti Endpoint Manager EPM is a set of endpoint security managers developed by the American company Ivanti. Versions of Ivanti Endpoint Manager prior to EPM 2024 SU6 contained a SQL injection vulnerability. This vulnerability stemmed from SQL injections in the web console, and could allow remote...

8.8CVSS6AI score0.00883EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 3:7 p.m.22 views

CVE-2026-1602

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS0.00685EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.5 views

Ivanti Endpoint Manager SQL注入漏洞

Ivanti Endpoint Manager EPM is a set of endpoint security managers developed by the American company Ivanti. Versions of Ivanti Endpoint Manager prior to EPM 2024 SU5 contained a SQL injection vulnerability. This vulnerability allows remote authentication attackers to access arbitrary data in the...

6.5CVSS7.3AI score0.00685EPSS
Exploits0References2
OSV
OSV
added 2025/12/09 4:17 p.m.2 views

CVE-2025-13662

Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required...

7.8CVSS6AI score0.00475EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.7 views

PT-2025-50086

Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager versions prior to 2024 SU4 SR1 Description A flaw exists in Ivanti Endpoint Manager due to improper control of dynamically managed code resources. A remote, unauthenticated attacker can write arbitrary files on the...

8.8CVSS8.1AI score0.01618EPSS
Exploits0References6
EUVD
EUVD
added 2025/11/11 6:30 p.m.5 views

EUVD-2025-84339

Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk...

7.1CVSS6.3AI score0.0022EPSS
Exploits0References2
Ivanti
Ivanti
added 2025/11/10 4:30 p.m.8 views

Security Advisory EPM November 2025 for EPM 2024

Summary Ivanti has released updates for Ivanti Endpoint Manager which addresses three high vulnerabilities. Successful exploitation could allow a local authenticated attacker to write arbitrary files anywhere on disk. Two of the resolved vulnerabilities, CVE-2025-9713 and CVE-2025-11622, were...

7.8CVSS7AI score0.00737EPSS
Exploits0
OSV
OSV
added 2025/10/13 10:15 p.m.5 views

CVE-2025-62389

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS6AI score
Exploits0References1
OSV
OSV
added 2025/10/13 10:15 p.m.4 views

CVE-2025-62383

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS6AI score0.00757EPSS
Exploits0References1
OSV
OSV
added 2025/10/13 9:15 p.m.3 views

CVE-2025-9713

Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

8.8CVSS6.1AI score0.14489EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-37150

Malicious code in bioql PyPI...

8.8CVSS6.2AI score0.0151EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:31 a.m.7 views

CVE-2024-20884

Incorrect use of privileged API vulnerability in getSemBatteryUsageStats in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged API...

7.8CVSS6.6AI score0.00148EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/12/09 12:0 a.m.6 views

CVE-2024-55564

The POSIX::2008 package before 0.24 for Perl has a potential execve50c env buffer overflow...

9.8CVSS6AI score0.00488EPSS
Exploits0References2
Circl
Circl
added 2024/12/05 4:34 p.m.20 views

CVE-2024-12233

creationtimestamp| type| source ---|---|--- 2024-12-05 16:34:41+00:00| seen| https://infosec.exchange/users/cve/statuses/113601182484335124 2024-12-05 19:32:43+00:00| seen| https://t.me/cvedetector/12126...

9.8CVSS7.3AI score0.00788EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2024/12/03 5:15 p.m.10 views

CVE-2024-53863

Synapse is an open-source Matrix homeserver. In Synapse versions before 1.120.1, enabling the dynamicthumbnails option or processing a specially crafted request could trigger the decoding and thumbnail generation of uncommon image formats, potentially invoking external tools like Ghostscript for...

9.1CVSS6.6AI score0.00625EPSS
Exploits0References4
Rows per page
Query Builder