CVE-2019-12374

A SQL Injection vulnerability exists in Ivanti LANDESK Management Suite LDMS, aka Endpoint Manager 10.0.1.168 Service Update 5 due to improper username sanitization in the Basic Authentication implementation in core/provisioning.secure/ProvisioningSecure.asmx in Provisioning.Secure.dll...

CVE-2019-12375

Open directories in Ivanti LANDESK Management Suite LDMS, aka Endpoint Manager 10.0.1.168 Service Update 5 may lead to remote information disclosure and arbitrary code execution...

CVE-2019-12373

Improper access control and open directories in Ivanti LANDESK Management Suite LDMS, aka Endpoint Manager 10.0.1.168 Service Update 5 may lead to remote disclosure of administrator passwords...

EUVD-2014-5249

Malware in sbrugna...

EUVD-2019-4010

Malware in sbrugna...

EUVD-2019-4008

Malware in sbrugna...

EUVD-2019-4011

Malware in sbrugna...

EUVD-2008-6165

Malware in sbrugna...

EUVD-2016-4199

Malware in sbrugna...

EUVD-2008-1644

Malware in sbrugna...

EUVD-2014-5248

Malware in sbrugna...

EUVD-2014-5250

Malware in sbrugna...

EUVD-2010-2896

Malware in sbrugna...

EUVD-2019-4012

Malware in sbrugna...

EUVD-2019-4009

Malware in sbrugna...

EUVD-2025-12199

Malicious code in bioql PyPI...

EUVD-2022-35332

Malicious code in bioql PyPI...

CVE-2022-30121

The “LANDeskR Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system...

CVE-2019-12377

A vulnerable upl/asyncupload.asp web API endpoint in Ivanti LANDESK Management Suite LDMS, aka Endpoint Manager 10.0.1.168 Service Update 5 allows arbitrary file upload, which may lead to arbitrary remote code execution...

CVE-2019-12376

Use of a hard-coded encryption key in Ivanti LANDESK Management Suite LDMS, aka Endpoint Manager 10.0.1.168 Service Update 5 may lead to full managed endpoint compromise by an authenticated user with read privileges...