Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2025/08/12 3:15 p.m.2 views

CVE-2025-5466

XEE in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with admin privileges to trigger a denial of...

4.9CVSS5.9AI score0.01036EPSS
Exploits0References1
OSV
OSVadded 2025/07/12 4:15 a.m.0 views

CVE-2024-38648

A hardcoded secret in Ivanti DSM before 2024.2 allows an authenticated attacker on an adjacent network to decrypt sensitive data including user credentials...

5.7CVSS7.3AI score0.00074EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/02/13 4:8 p.m.6 views

CVE-2024-12058

External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files...

6.8CVSS6.7AI score0.00943EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/01/08 12:0 a.m.3 views

PT-2025-1027

Name of the Vulnerable Software and Affected Versions Ivanti Connect Secure versions prior to 22.7R2.5 Ivanti Policy Secure versions prior to 22.7R1.2 Ivanti Neurons for ZTA gateways versions prior to 22.7R2.3 Description A stack-based buffer overflow exists in Ivanti Connect Secure, Ivanti Polic...

9CVSS7.5AI score0.94129EPSS
Exploits13References126
Positive Technologies
Positive Technologiesadded 2024/12/10 12:0 a.m.2 views

PT-2024-38426 · Ivanti · Ivanti Dsm

Name of the Vulnerable Software and Affected Versions: Ivanti DSM versions prior to 2024.3.5740 Description: The issue is related to insufficient permissions in Ivanti DSM, allowing a local authenticated attacker to delete arbitrary files. Recommendations: For versions prior to 2024.3.5740, updat...

7.1CVSS6AI score0.00202EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2024/06/28 12:0 a.m.5 views

PT-2024-6322 · Ivanti · Ivanti Epm

Name of the Vulnerable Software and Affected Versions: Ivanti EPM versions prior to 2022 SU6 Ivanti EPM versions prior to the 2024 September update Description: The issue is related to an External XML Entity XXE vulnerability in the provisioning web service, allowing a remote unauthenticated...

8.5CVSS7.3AI score0.1348EPSS
Exploits1References16
CISA
CISAadded 2024/02/15 12:0 p.m.18 views

Updated: New Software Updates and Mitigations to Defend Against Exploitation of Ivanti Connect Secure and Policy Secure Gateways

Note: CISA will update this Alert with more information as it becomes available. Updated Feb. 15, 2024: On Feb. 14, 2024, Ivanti released new software updates for Ivanti Connect Secure and Ivanti Policy Secure. Review Ivanti's updated KB articlelink is external for more information. End of Feb. 1...

9.1CVSS10AI score0.94412EPSS
Exploits24References21
Rows per page
Query Builder