CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

257 matches found

CVE-2026-4914

Stored XSS in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to obtain limited information from other user sessions. User interaction is required...

5.4CVSS5.5AI score0.00081EPSS

Exploits0References1

NVD•added last week•10 views

CVE-2026-9614

An Improper Access Control vulnerability in Ivanti Neurons for ITSM cloud and on-premises allows a remote authenticated attacker to gain administrative access...

8.8CVSS0.00407EPSS

Exploits0References1

EUVD•added last week•9 views

EUVD-2026-33736

An Improper Access Control vulnerability in Ivanti Neurons for ITSM cloud and on-premises allows a remote authenticated attacker to gain administrative access...

8.8CVSS5.8AI score0.00407EPSS

Exploits0References1

Ivanti•added last week•9 views

Security Advisory Ivanti Neurons for ITSM (CVE-2026-9614)

Ivanti has released updates for Ivanti Neurons for ITSM which addresses one high severity vulnerability. Successful exploitation could lead to authenticated privilege escalation to an administrator. We are not aware of any customers being exploited by this vulnerability at the time of disclosure...

8.8CVSS5.8AI score0.00407EPSS

Exploits0

EUVD•added 2026/04/14 3:30 p.m.•2 views

EUVD-2026-22278

Improper protection of an alternate path in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to retain access when their account has been disabled...

5.7CVSS5.8AI score0.00126EPSS

Exploits0References2

CNNVD•added 2026/04/14 12:0 a.m.•2 views

Ivanti Neurons for ITSM 安全漏洞

Ivanti Neurons for ITSM is a reliable and powerful IT service management solution from the American company Ivanti. Versions of Ivanti Neurons for ITSM prior to 2025.4 contained security vulnerabilities. These vulnerabilities stemmed from improper protection of alternative paths, which could allo...

5.7CVSS5.8AI score0.00126EPSS

Exploits0References1

EUVD•added 2026/03/23 9:30 p.m.•1 views

EUVD-2025-208946

A Cross-Site Scripting XSS vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter...

5.8AI score0.00013EPSS

Exploits1References4

Positive Technologies•added 2026/03/18 12:0 a.m.•2 views

PT-2026-26062

Name of the Vulnerable Software and Affected Versions BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 Description BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery issue in the externalfeed/RSS API component. Authenticated attackers...

5.3CVSS6.1AI score0.02828EPSS

Exploits1References11

RedhatCVE•added 2026/01/09 9:30 a.m.•4 views

CVE-2023-43790

iTop is an IT service management platform. By manipulating HTTP queries, a user can inject malicious content in the fields used for the object friendlyname value. This vulnerability is fixed in 3.1.1 and 3.2.0...

5.7CVSS6.8AI score0.00779EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-19479

Malware in sbrugna...

8.7CVSS7.3AI score0.00316EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-19540

Malware in sbrugna...

8.8CVSS8.5AI score0.00144EPSS

Exploits0References2