30 matches found
EUVD-2026-28395
An Improper Access Control in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated attacker to invoke arbitrary methods...
CVE-2026-7821
Improper certificate validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated attacker to enroll a device belonging to a restricted set of unenrolled devices, leading to information disclosure about EPMM appliance and impacting on the integrity of...
CVE-2026-5786
Product: Ivanti Endpoint Manager Mobile (EPMM). Vulnerability: Improper access control allowing a remote authenticated attacker to gain administrative access. Versions affected: before 12.6.1.1, 12.7.0.1, and 12.8.0.1. Impact: elevated privileges to administrative level (high impact). Context: CV...
Ivanti EPMM 输入验证错误漏洞
Ivanti EPMM is a product developed by the American company Ivanti, designed to help IT departments create policies for mobile devices, applications, and content. Versions of Ivanti EPMM prior to 12.6.1.1, 12.7.0.1, and 12.8.0.1 contained a vulnerability related to input validation errors. This...
CVE-2025-10985
CVE-2025-10985 is an OS command injection flaw in Ivanti Endpoint Manager Mobile (EPMM) admin panel. A remote authenticated attacker with admin privileges can execute arbitrary OS commands, enabling remote code execution. Affected versions are Ivanti EPMM prior to 12.6.0.2, 12.5.0.4, and 12.4.0.4...
Ivanti EPM Elevation of Privilege Vulnerability
Ivanti EPM is a comprehensive endpoint management solution developed by Ivanti. Ivanti EPM suffers from an elevation of privilege vulnerability that stems from an issue containing an uninitialized resource that can be exploited by an attacker to elevate its privileges...
Ivanti EPM Out-of-Bounds Write Vulnerability (CNVD-2025-30749)
Ivanti EPM is a comprehensive endpoint management solution developed by Ivanti. Ivanti EPM suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to cause a denial of service...
Ivanti EPM out-of-bounds write vulnerability (CNVD-2025-30748)
Ivanti EPM is a comprehensive endpoint management solution developed by Ivanti. Ivanti EPM suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to cause a denial of service...
The vulnerability of the Ivanti EPM endpoint management software, related to the use of an uninitialized resource, allows a hacker to escalate their privileges.
The vulnerability of the Ivanti EPM endpoint management software is related to the use of an uninitialized resource. Exploiting this vulnerability can allow a malicious individual to gain increased privileges...
The vulnerability of the Ivanti EPM endpoint management software, related to reading data beyond the buffer in memory, allows a hacker to trigger a service failure.
The vulnerability of the Ivanti EPM endpoint management software relates to reading data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the Ivanti EPM endpoint management software lies in the improper restriction of path names in the catalog, which allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Ivanti EPM endpoint management software is related to incorrect restrictions on path names in the catalog. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the Ivanti EPM endpoint management software lies in the improper restriction of path names in the catalog, which allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Ivanti EPM endpoint management software is related to incorrect restrictions on path names in the catalog. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the Ivanti EPM endpoint management software lies in the improper restriction of path names in the catalog, which allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Ivanti EPM endpoint management software is related to incorrect restrictions on path names in the catalog. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the Ivanti EPM endpoint management software, related to reading data beyond the buffer in memory, allows a hacker to trigger a service failure.
The vulnerability of the Ivanti EPM endpoint management software is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause service failures...
The vulnerability of the Ivanti EPM endpoint management software lies in the improper restriction of path names in the catalog, which allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Ivanti EPM endpoint management software is related to incorrect restrictions on path names in the catalog. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the Ivanti EPM endpoint management software, related to errors in verifying the cryptographic signature, allows a hacker to execute remote code.
The vulnerability of the Ivanti EPM endpoint management software is related to errors in checking the cryptographic signature. Exploiting this vulnerability could allow a perpetrator to execute remote code...
The vulnerability of the Ivanti EPM endpoint management software, related to reading data beyond the buffer in memory, allows a hacker to trigger a service failure.
The vulnerability of the Ivanti EPM endpoint management software is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause service failures...
The vulnerability of the Ivanti EPM endpoint management software, related to out-of-memory reading, allows a hacker to exploit their privileges.
The vulnerability of the Ivanti EPM endpoint management software relates to memory-walking attacks. Exploiting this vulnerability can allow attackers to gain increased privileges...
The vulnerability of the Ivanti EPM endpoint management software, related to reading data beyond the buffer in memory, allows a hacker to trigger a service failure.
The vulnerability of the Ivanti EPM endpoint management software is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause service failures...
CVE-2024-13169
An out-of-bounds read in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges...