11 matches found
com.github.jinahya:jsonrpc-bind-tests (=0.7.1), org.amebastack.container:ameba-container-grizzly (>=0.1.6c <=0.1.6e) +185 more potentially affected by CVE-2020-5245 +3 more via org.hibernate.validator:hibernate-validator (>=7.0.0.Alpha1 <=7.0.0.Alpha6)
org.hibernate.validator:hibernate-validator MAVEN version =7.0.0.Alpha1, =0.1.6c, =0.1.2, =0.1.2, =0.1.2, =0.1.6c, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0-RC1 and more Source cves: CVE-2020-5245, CVE-2025-35036, CVE-2025-4427, CVE-2025-4428 Source advisory: OSV:GHSA-7V6M-28JR-RG84...
Ivanti Endpoint Manager Mobile exploit chain exploited in the wild
On May 13, 2025, Ivanti disclosed an exploited in the wild exploit chain, comprising of two new vulnerabilities affecting Ivanti Endpoint Manager Mobile EPMM: CVE-2025-4427 and CVE-2025-4428. Ivanti EPMM is an enterprise-focused software suite for IT teams to manage mobile devices, applications,...
Ivanti EPMM Pre-Auth RCE Chain 1day Detection Artifact Generator Tool
This script attempts to detect if Ivanti EPMM is vulnerable to CVE-2025-4427 and CVE-2025-4428. It affects versions 11.12.0.4 and prior, 12.3.0.1 and prior, 12.4.0.1 and prior, and 12.5.0.0 and prior...
CVE-2025-4428
Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests...
Exploit for Authentication Bypass Using an Alternate Path or Channel in Ivanti Endpoint_Manager_Mobile
CVE-2025-4427 and CVE-2025-4428 Ivanti EPMM Chain Ivanti EPMM...
CVE-2025-4428
creationtimestamp| type| source ---|---|--- 2025-05-13 16:30:39+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp2vhy3fbjz2 2025-05-13 16:30:50+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16168 2025-05-13 16:48:00+00:00| seen|...
CVE-2025-4428
Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests...
CVE-2025-4428 Remote Code Execution
Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests...
CVE-2025-4428
Ivanti Endpoint Manager Mobile (EPMM) Code Injection vulnerability (CVE-2025-4428). An authenticated attacker can remotely execute arbitrary code via crafted API requests in the API component. Root cause cited as insecure implementation/interpolation involving the Hibernate Validator library, wit...
Security Advisory Ivanti Endpoint Manager Mobile (EPMM) May 2025 (CVE-2025-4427 and CVE-2025-4428)
Ivanti has released updates for Endpoint Manager Mobile EPMM which addresses one medium and one high severity vulnerability. When chained together, successful exploitation could lead to unauthenticated remote code execution. We are aware of a very limited number of customers whose solution has be...
CVE-2025-4428
Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests. Recent assessments: remmons-r7 at May 22, 2025 5:27am UTC reported: On May 13, 2025, Ivanti...