PT-2026-47808

An OS command injection vulnerability in Ivanti EPMM before 12.9.0.1, 12.8.0.3 and 12.7.0.2 versions allows a remote authenticated attacker to execute arbitrary commands as root...

CVE-2026-5788

An Improper Access Control in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated attacker to invoke arbitrary methods...

PT-2026-38455

Name of the Vulnerable Software and Affected Versions Ivanti EPMM versions prior to 12.6.1.1 Ivanti EPMM versions prior to 12.7.0.1 Ivanti EPMM versions prior to 12.8.0.1 Description Improper Access Control allows a remote unauthenticated attacker to invoke arbitrary methods. Recommendations Upda...

Ivanti EPMM 访问控制错误漏洞

Ivanti EPMM is a product developed by the American company Ivanti, designed to help IT departments create policies for mobile devices, applications, and content. Versions of Ivanti EPMM prior to 12.6.1.1, 12.7.0.1, and 12.8.0.1 contained an access control vulnerability. This vulnerability stemmed...

Impact of CVE-2025-66516 On Ivanti EPMM

Last Modified Date Apr 21, 2026 7:10:37 AM...

WSO2多款产品 安全漏洞

WSO2 API Manager is an API lifecycle management solution, WSO2 API Manager Analytics is an analytics component, and WSO2 API Control Plane is a control panel. A security vulnerability exists in a number of WSO2 products. The vulnerability stems from insufficient enforcement of permissions in the...

CVE-2025-10986

CVE-2025-10986 affects Ivanti Endpoint Manager Mobile (EPMM) admin panel. A path traversal vulnerability exists in EPMM versions before 12.6.0.2, 12.5.0.4, and 12.4.0.4 that could allow a remote authenticated attacker with admin privileges to write data to unintended locations on disk. Connected ...

EUVD-2025-34213

OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

EUVD-2014-0760

Malware in sbrugna...

EUVD-2012-4512

Malware in sbrugna...

EUVD-2012-4515

Malware in sbrugna...

EUVD-2012-4517

Malware in sbrugna...

CVE-2012-4588

McAfee Enterprise Mobility Manager EMM Agent before 4.8 and Server before 10.1 record all invalid usernames presented in failed login attempts, and place them on a list of accounts that an administrator may wish to unlock, which allows remote attackers to cause a denial of service excessive list...

CVE-2024-7612

Insecure permissions in Ivanti EPMM before 12.1.0.4 allow a local authenticated attacker to modify sensitive application components...

CVE-2024-36132

Insufficient verification of authentication controls in EPMM prior to 12.1.0.1 allows a remote attacker to bypass authentication and access sensitive resources...

CVE-2023-35078

An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication...

Ivanti Avalanche 安全漏洞

Ivanti Avalanche is an enterprise mobile device management system from Ivanti, USA. The system is primarily used to manage devices such as smartphones, tablets and barcode scanners. A security vulnerability exists in Ivanti Avalanche version 6.3.2.3490, which stems from a lack of proper locking...

CISA’s Zero Trust Guidance for Enterprise Mobility Available for Public Comment

CISA has released a draft version of Applying Zero Trust Principles to Enterprise Mobility for public comment. The paper guides federal agencies as they evolve and operationalize cybersecurity programs and capabilities, including cybersecurity for mobility. The public comment period will close...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability exists in EMM in Google Android 11, which stems from a lack of data encryption in the modem EMM that could lead to information disclosure...

Improving security for mobile devices: CISA issues guides

The Cybersecurity and Infrastructure Security Agency CISA has released two actionable Capacity Enhancement Guides CEGs to help users and organizations improve mobile device cybersecurity. Consumers One of the guides is intended for consumers. There are an estimated 294 million smart phone users i...