Lucene search
+L

4383 matches found

Cvelist
Cvelist
added 2026/05/12 2:33 p.m.33 views

CVE-2026-8111

SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...

8.8CVSS0.00883EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 2:33 p.m.18 views

CVE-2026-8111

CVE-2026-8111 describes an SQL injection in the web console of Ivanti Endpoint Manager prior to 2024 SU6. The vulnerability allows a remote authenticated attacker to achieve remote code execution via the web console, as indicated by the description and CVSS metrics (High, 8.8). Affected product: ...

8.8CVSS6.2AI score0.00883EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/12 2:31 p.m.5 views

CVE-2026-8110

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges...

7.8CVSS5.8AI score0.00245EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/12 2:31 p.m.12 views

CVE-2026-8110

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges...

7.8CVSS5.8AI score0.00245EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 2:31 p.m.34 views

CVE-2026-8110

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges...

7.8CVSS0.00245EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 2:31 p.m.16 views

CVE-2026-8110

CVE-2026-8110 affects the Ivanti Endpoint Manager agent prior to 2024 SU6. The issue is an incorrect permissions assignment in the agent that allows a local authenticated attacker to escalate privileges (local, low complexity, no user interaction). The impact is elevated confidentiality, integrit...

7.8CVSS5.8AI score0.00245EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/12 2:29 p.m.8 views

CVE-2026-8109

An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials...

6.5CVSS5.8AI score0.00701EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 2:29 p.m.32 views

CVE-2026-8109

An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials...

6.5CVSS0.00701EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 2:29 p.m.9 views

CVE-2026-8109

An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials...

6.5CVSS5.8AI score0.00701EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 2:29 p.m.55 views

CVE-2026-8109

CVE-2026-8109 affects the Core Server of Ivanti Endpoint Manager prior to version 2024 SU6. The vulnerability is an exposed dangerous method that can be exploited by a remote authenticated attacker to leak credentials. This has been documented in NVD and CVE records, which describe the affected c...

6.5CVSS5.8AI score0.00701EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/12 2:24 p.m.32 views

CVE-2026-8051

OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

7.2CVSS0.01914EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 2:24 p.m.9 views

CVE-2026-8051

OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

7.2CVSS6.1AI score0.01914EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 2:24 p.m.5 views

CVE-2026-8051

OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

7.2CVSS6.1AI score0.01914EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 2:24 p.m.23 views

CVE-2026-8051

CVE-2026-8051 concerns Ivanti Virtual Traffic Manager (vTM). The NVD/CVE entries state an OS command injection vulnerability in vTM prior to version 22.9r4, allowing a remote authenticated attacker with admin privileges to achieve remote code execution. The description identifies affected product...

7.2CVSS6.1AI score0.01914EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/12 2:21 p.m.10 views

CVE-2026-7432

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 2:21 p.m.39 views

CVE-2026-7432

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...

7.8CVSS0.00284EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 2:21 p.m.25 views

CVE-2026-7432

Ivanti Secure Access Client (before 22.8R6) is affected by two adjacent CVEs identified in the connected documents. CVE-2026-7432 describes a race condition that could allow a locally authenticated user to escalate privileges to SYSTEM. CVE-2026-7431 describes an incorrect permission assignment f...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/12 2:21 p.m.10 views

CVE-2026-7432

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 2:18 p.m.21 views

CVE-2026-7431

Affected product: Ivanti Secure Access Client. Vulnerabilities (pre-22.8R6): 7431 involves an incorrect permission assignment on a critical resource, enabling a local authenticated user to read/modify sensitive log data via write access to a shared memory section. 7432 is a race condition that al...

4.4CVSS5.8AI score0.00176EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/12 2:18 p.m.6 views

CVE-2026-7431

An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...

4.4CVSS5.8AI score0.00284EPSS
Exploits0References1
Rows per page
Query Builder