Lucene search
K

4369 matches found

Cvelist
Cvelist
added 2026/06/01 5:50 p.m.34 views

CVE-2026-9614

An Improper Access Control vulnerability in Ivanti Neurons for ITSM cloud and on-premises allows a remote authenticated attacker to gain administrative access...

8.8CVSS0.0144EPSS
Exploits0References1
Circl
Circl
added 2026/06/01 7:50 a.m.11 views

CVE-2026-9614

creationtimestamp| type| source ---|---|--- 2026-06-01 07:50:50+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/ivanti-security-advisory-av26-533 2026-06-02 13:40:30+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mncpu5sscu2p 2026-06-03 13:06:34+00:00| seen|...

8.8CVSS5.8AI score0.0144EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.23 views

PT-2026-45546

Name of the Vulnerable Software and Affected Versions Ivanti Neurons for ITSM affected versions not specified Description Improper Access Control allows a remote authenticated attacker to gain administrative access. Recommendations Audit role configurations to ensure permissions are limited to...

8.8CVSS5.8AI score0.0144EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

Ivanti Neurons for ITSM 访问控制错误漏洞

Ivanti Neurons for ITSM is a reliable and powerful IT service management solution from the American company Ivanti. Ivanti Neurons for ITSM has a vulnerability related to access control. This vulnerability stems from improper access control practices, which may allow remote authentication attacke...

8.8CVSS5.5AI score0.0144EPSS
Exploits0References1
NVD
NVD
added 2026/05/22 3:16 p.m.20 views

CVE-2026-8992

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...

8.8CVSS0.00564EPSS
Exploits0References1
CVE
CVE
added 2026/05/22 2:24 p.m.40 views

CVE-2026-8992

The CVE-2026-8992 entry concerns Ivanti Secure Access Client, vulnerable prior to version 22.8R6, due to improper certificate validation. The issue allows remote unauthenticated attackers to execute arbitrary code. According to the description and CVSS metrics (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H...

8.8CVSS6.1AI score0.00564EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/22 2:24 p.m.12 views

CVE-2026-8992

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...

8.8CVSS6.1AI score0.00564EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/22 2:24 p.m.16 views

EUVD-2026-31445

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...

8.8CVSS6.1AI score0.00564EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/22 2:24 p.m.6 views

CVE-2026-8992

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...

8.8CVSS6.1AI score0.00564EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/22 2:24 p.m.14 views

CVE-2026-8992

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...

8.8CVSS0.00564EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.16 views

PT-2026-42775

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...

8.8CVSS6.1AI score0.00564EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.12 views

Ivanti Secure Access Client 信任管理问题漏洞

Ivanti Secure Access Client is a security software client developed by the American company Ivanti. Versions of Ivanti Secure Access Client prior to 22.8R6 contained a vulnerability related to trust management. This vulnerability stemmed from improper certificate verification, which could allow...

8.8CVSS6.1AI score0.00564EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2026/05/18 10:54 a.m.28 views

Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws

Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code. Topping the list is a critical flaw impacting Ivanti Xtraction CVE-2026-8043, CVSS score: 9.6 that could be...

9.8CVSS6.7AI score0.00869EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.13 views

Ivanti Virtual Traffic Manager (vTM) < 22.9R4 OS Command Injection (CVE-2026-8051)

The version of Ivanti Virtual Traffic Manager vTM running on the remote host is prior to 22.9R4. It is, therefore, affected by an OS command injection vulnerability: - OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin...

7.2CVSS6.2AI score0.01914EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.11 views

Ivanti Endpoint Manager < 2024 SU6 Multiple Vulnerabilities

The version of Ivanti Endpoint Manager running on the remote host is prior to 2024 SU6. It is, therefore, affected by multiple vulnerabilities: - An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access...

8.8CVSS6.2AI score0.00883EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.9 views

Ivanti Secure Access Client 22.x < 22.8R6 Multiple Vulnerabilities

The Ivanti Secure Access Client installed on the remote host is 22.x prior to 22.8R6. It is, therefore, affected by multiple vulnerabilities: - An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/12 3:31 p.m.15 views

EUVD-2026-29485

An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 3:31 p.m.14 views

EUVD-2026-29489

An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials...

6.5CVSS5.8AI score0.00701EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 3:31 p.m.11 views

EUVD-2026-29486

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 3:31 p.m.9 views

EUVD-2026-29490

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges...

7.8CVSS5.8AI score0.00245EPSS
Exploits0References2
Rows per page
Query Builder