Lucene search
K

4371 matches found

EUVD
EUVD
added 2026/05/12 3:31 p.m.11 views

EUVD-2026-29486

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 3:31 p.m.9 views

EUVD-2026-29490

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges...

7.8CVSS5.8AI score0.00245EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 3:31 p.m.9 views

EUVD-2026-29487

External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks...

9.6CVSS5.9AI score0.00869EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 3:16 p.m.15 views

CVE-2026-8111

SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...

8.8CVSS0.00883EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 3:16 p.m.12 views

CVE-2026-8051

OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

7.2CVSS0.01914EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 3:16 p.m.10 views

CVE-2026-8109

An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials...

6.5CVSS0.00701EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 3:16 p.m.15 views

CVE-2026-7432

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...

7.8CVSS0.00284EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 3:16 p.m.16 views

CVE-2026-8043

External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks...

9.6CVSS0.00869EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 3:16 p.m.12 views

CVE-2026-8110

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges...

7.8CVSS0.00245EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 3:16 p.m.14 views

CVE-2026-7431

An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...

4.4CVSS0.00176EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 2:33 p.m.9 views

CVE-2026-8111

SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...

8.8CVSS6.2AI score0.00883EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 2:33 p.m.27 views

CVE-2026-8111

SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...

8.8CVSS0.00883EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 2:33 p.m.11 views

CVE-2026-8111

SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...

8.8CVSS6.2AI score0.00883EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 2:33 p.m.11 views

CVE-2026-8111

CVE-2026-8111 describes an SQL injection in the web console of Ivanti Endpoint Manager prior to 2024 SU6. The vulnerability allows a remote authenticated attacker to achieve remote code execution via the web console, as indicated by the description and CVSS metrics (High, 8.8). Affected product: ...

8.8CVSS6.2AI score0.00883EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/12 2:31 p.m.12 views

CVE-2026-8110

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges...

7.8CVSS5.8AI score0.00245EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 2:31 p.m.11 views

CVE-2026-8110

CVE-2026-8110 affects the Ivanti Endpoint Manager agent prior to 2024 SU6. The issue is an incorrect permissions assignment in the agent that allows a local authenticated attacker to escalate privileges (local, low complexity, no user interaction). The impact is elevated confidentiality, integrit...

7.8CVSS5.8AI score0.00245EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/12 2:31 p.m.31 views

CVE-2026-8110

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges...

7.8CVSS0.00245EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 2:31 p.m.5 views

CVE-2026-8110

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges...

7.8CVSS5.8AI score0.00245EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/12 2:29 p.m.8 views

CVE-2026-8109

An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials...

6.5CVSS5.8AI score0.00701EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/12 2:29 p.m.8 views

CVE-2026-8109

An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials...

6.5CVSS5.8AI score0.00701EPSS
Exploits0References1
Rows per page
Query Builder