4369 matches found
CVE-2026-9614
An Improper Access Control vulnerability in Ivanti Neurons for ITSM cloud and on-premises allows a remote authenticated attacker to gain administrative access...
CVE-2026-9614
creationtimestamp| type| source ---|---|--- 2026-06-01 07:50:50+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/ivanti-security-advisory-av26-533 2026-06-02 13:40:30+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mncpu5sscu2p 2026-06-03 13:06:34+00:00| seen|...
PT-2026-45546
Name of the Vulnerable Software and Affected Versions Ivanti Neurons for ITSM affected versions not specified Description Improper Access Control allows a remote authenticated attacker to gain administrative access. Recommendations Audit role configurations to ensure permissions are limited to...
Ivanti Neurons for ITSM 访问控制错误漏洞
Ivanti Neurons for ITSM is a reliable and powerful IT service management solution from the American company Ivanti. Ivanti Neurons for ITSM has a vulnerability related to access control. This vulnerability stems from improper access control practices, which may allow remote authentication attacke...
CVE-2026-8992
An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...
CVE-2026-8992
The CVE-2026-8992 entry concerns Ivanti Secure Access Client, vulnerable prior to version 22.8R6, due to improper certificate validation. The issue allows remote unauthenticated attackers to execute arbitrary code. According to the description and CVSS metrics (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H...
CVE-2026-8992
An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...
EUVD-2026-31445
An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...
CVE-2026-8992
An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...
CVE-2026-8992
An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...
PT-2026-42775
An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...
Ivanti Secure Access Client 信任管理问题漏洞
Ivanti Secure Access Client is a security software client developed by the American company Ivanti. Versions of Ivanti Secure Access Client prior to 22.8R6 contained a vulnerability related to trust management. This vulnerability stemmed from improper certificate verification, which could allow...
Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code. Topping the list is a critical flaw impacting Ivanti Xtraction CVE-2026-8043, CVSS score: 9.6 that could be...
Ivanti Virtual Traffic Manager (vTM) < 22.9R4 OS Command Injection (CVE-2026-8051)
The version of Ivanti Virtual Traffic Manager vTM running on the remote host is prior to 22.9R4. It is, therefore, affected by an OS command injection vulnerability: - OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin...
Ivanti Endpoint Manager < 2024 SU6 Multiple Vulnerabilities
The version of Ivanti Endpoint Manager running on the remote host is prior to 2024 SU6. It is, therefore, affected by multiple vulnerabilities: - An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access...
Ivanti Secure Access Client 22.x < 22.8R6 Multiple Vulnerabilities
The Ivanti Secure Access Client installed on the remote host is 22.x prior to 22.8R6. It is, therefore, affected by multiple vulnerabilities: - An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify...
EUVD-2026-29485
An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...
EUVD-2026-29489
An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials...
EUVD-2026-29486
A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...
EUVD-2026-29490
Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges...