Lucene search
+L

87 matches found

RedhatCVE
RedhatCVE
added 2025/09/11 3:26 p.m.9 views

CVE-2025-8712

Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with read-only admin...

5.4CVSS6.8AI score0.00412EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 4:15 p.m.11 views

CVE-2025-55148

Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with read-only admin...

7.6CVSS0.00515EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 4:15 p.m.8 views

CVE-2025-8712

Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with read-only admin...

5.4CVSS0.00412EPSS
Exploits0References1
OSV
OSV
added 2025/09/09 4:15 p.m.3 views

CVE-2025-55144

Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with read-only admin...

5.4CVSS5.8AI score0.00514EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 4:15 p.m.9 views

CVE-2025-55142

Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with read-only admin...

8.8CVSS0.00855EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 4:15 p.m.10 views

CVE-2025-55144

Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with read-only admin...

5.4CVSS0.00514EPSS
Exploits0References1
OSV
OSV
added 2025/09/09 4:15 p.m.5 views

CVE-2025-55141

Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with read-only admin...

8.8CVSS5.9AI score0.00855EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/09 3:55 p.m.8 views

CVE-2025-55144

Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with read-only admin...

5.4CVSS0.00514EPSS
Exploits0References1
CVE
CVE
added 2025/09/09 3:49 p.m.25 views

CVE-2025-55142

CVE-2025-55142 describes a missing authorization in Ivanti Connect Secure and related Ivanti products that permits a remote authenticated attacker with read-only admin privileges to configure authentication-related settings. According to multiple sources, the issue affects Ivanti Connect Secure (...

8.8CVSS6.5AI score0.00855EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/09 3:49 p.m.3 views

CVE-2025-55142

Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with read-only admin...

8.8CVSS6.5AI score0.00855EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/09 3:45 p.m.10 views

CVE-2025-55141

Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with read-only admin...

8.8CVSS0.00855EPSS
Exploits0References1
CVE
CVE
added 2025/09/09 3:37 p.m.32 views

CVE-2025-55148

Ivanti vulnerabilities (CVE-2025-55148 and related) affect Ivanti Connect Secure, Policy Secure, ZTA Gateways, and Neurons for Secure Access. Root cause: missing authorization checks allow a remote authenticated attacker with read-only admin privileges to configure restricted settings (fix deploy...

7.6CVSS6.3AI score0.00515EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/09/09 3:12 p.m.36 views

CVE-2025-8712

Ivanti reports a missing authorization flaw (CVE-2025-8712) affecting Ivanti Connect Secure before 22.7R2.9/22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 22.8R2.3-723, and Ivanti Neurons for Secure Access before 22.8R1.4. The issue allows a remote authenticated attacker ...

5.4CVSS6.3AI score0.00412EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.7 views

PT-2025-36742

Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.9 Ivanti Connect Secure versions prior to 22.8R2 Ivanti Policy Secure versions prior to 22.7R1.6 Ivanti ZTA Gateway versions prior to 22.8R2.3-723 Ivanti Neurons for Secure Access versions prior ...

5.4CVSS6.2AI score0.00412EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.9 views

PT-2025-36751

Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.9 Ivanti Connect Secure versions prior to 22.8R2 Ivanti Policy Secure versions prior to 22.7R1.6 Ivanti ZTA Gateway versions prior to 2.8R2.3-723 Ivanti Neurons for Secure Access versions prior t...

7.6CVSS6.2AI score0.00515EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.19 views

PT-2025-36747

Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.9 Ivanti Policy Secure versions prior to 22.7R1.6 Ivanti ZTA Gateway versions prior to 2.8R2.3-723 Ivanti Neurons for Secure Access versions prior to 22.8R1.4 Description: A missing authorization...

8.8CVSS6.4AI score0.00855EPSS
Exploits0References6
OSV
OSV
added 2025/06/10 5:21 p.m.3 views

CVE-2025-22254

An Improper Privilege Management vulnerability CWE-269 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7,...

7.2CVSS5.8AI score0.00712EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:55 p.m.4 views

CVE-2021-28962

Stormshield Network Security SNS before 4.2.2 allows a read-only administrator to gain privileges via CLI commands...

7.2CVSS7AI score0.01161EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/11 2:54 p.m.6 views

CVE-2024-55590

Multiple improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerabilities CWE-78 in Fortinet FortiIsolator version 2.4.0 through 2.4.5 allows an authenticated attacker with at least read-only admin permission and CLI access to execute unauthorized code via...

8.8CVSS8.9AI score0.01066EPSS
Exploits0References1
CVE
CVE
added 2025/03/11 2:54 p.m.43 views

CVE-2024-55590

CVE-2024-55590 affects Fortinet FortiIsolator versions 2.4.0–2.4.5. The issue is an OS command injection caused by improper neutralization of special elements, allowing an authenticated attacker with at least read‑only admin privileges and CLI access to execute unauthorized code via crafted CLI c...

8.8CVSS8.9AI score0.01066EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder