18647 matches found
CVE-2025-62388
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62385
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62386
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62241
Insecure Direct Object Reference IDOR vulnerability with shipment addresses in Liferay DXP 2023.Q4.1 through 2023.Q4.5 allows remote authenticated users to from one virtual instance to view the shipment addresses of different virtual instance via the...
CVE-2025-62243
Insecure direct object reference IDOR vulnerability in Publications in Liferay Portal 7.4.1 through 7.4.3.112, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote authenticated attackers to view publication comments via the...
CVE-2025-10986
Path traversal in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to write data in unintended locations on disk...
CVE-2025-10986
Path traversal in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to write data in unintended locations on disk...
CVE-2025-10986
CVE-2025-10986 affects Ivanti Endpoint Manager Mobile (EPMM) admin panel. A path traversal vulnerability exists in EPMM versions before 12.6.0.2, 12.5.0.4, and 12.4.0.4 that could allow a remote authenticated attacker with admin privileges to write data to unintended locations on disk. Connected ...
EUVD-2025-34107
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database...
EUVD-2025-34108
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database...
EUVD-2025-34101
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database...
EUVD-2025-34104
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database...
EUVD-2025-34103
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database...
EUVD-2025-34098
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database...
Ivanti EPMM 路径遍历漏洞
Ivanti EPMM is a product from Ivanti USA that enables IT departments to set policies for mobile devices, applications and content. A path traversal vulnerability exists in Ivanti EPMM versions prior to 12.6.0.2, 12.5.0.4, and 12.4.0.4, which stems from a path traversal issue in the administration...
CVE-2025-62392
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62391
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62388
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62390
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62388
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...