Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

NVD
NVDadded 2026/05/12 3:16 p.m.11 views

CVE-2026-8110

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges...

7.8CVSS0.00245EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/12 2:29 p.m.7 views

CVE-2026-8109

An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials...

6.5CVSS5.8AI score0.00701EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/02/10 3:7 p.m.22 views

CVE-2026-1602

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS0.00685EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/02/10 12:0 a.m.4 views

Ivanti Endpoint Manager SQL注入漏洞

Ivanti Endpoint Manager EPM is a set of endpoint security managers developed by the American company Ivanti. Versions of Ivanti Endpoint Manager prior to EPM 2024 SU5 contained a SQL injection vulnerability. This vulnerability allows remote authentication attackers to access arbitrary data in the...

6.5CVSS7.3AI score0.00685EPSS
Exploits0References2
OSV
OSVadded 2025/12/09 4:17 p.m.2 views

CVE-2025-13662

Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required...

7.8CVSS6AI score0.00475EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.5 views

PT-2025-50086

Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager versions prior to 2024 SU4 SR1 Description A flaw exists in Ivanti Endpoint Manager due to improper control of dynamically managed code resources. A remote, unauthenticated attacker can write arbitrary files on the...

8.8CVSS8.1AI score0.01618EPSS
Exploits0References6
EUVD
EUVDadded 2025/11/11 6:30 p.m.5 views

EUVD-2025-84339

Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk...

7.1CVSS6.3AI score0.00215EPSS
Exploits0References2
OSV
OSVadded 2025/10/13 10:15 p.m.4 views

CVE-2025-62383

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS6AI score0.00757EPSS
Exploits0References1
OSV
OSVadded 2025/10/13 9:15 p.m.1 views

CVE-2025-9713

Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

8.8CVSS6.1AI score0.14489EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/08/29 12:0 a.m.3 views

PT-2024-6216 · Ivanti · Ivanti Epm

Name of the Vulnerable Software and Affected Versions: Ivanti EPM versions prior to 2022 SU6 Ivanti EPM versions prior to the 2024 September update Description: The issue is related to a lack of authentication for a critical function in Ivanti EPM, specifically in Network Isolation. This allows a...

5.3CVSS7.5AI score0.01227EPSS
Exploits0References9
Rows per page
Query Builder