Lucene search
+L

475 matches found

RedhatCVE
RedhatCVE
added 2025/02/04 11:56 p.m.6 views

CVE-2024-13164

An uninitialized resource in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges...

7.8CVSS6.6AI score0.00368EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:56 p.m.11 views

CVE-2024-13159

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information...

9.8CVSS9.5AI score0.99762EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:56 p.m.5 views

CVE-2024-13160

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information...

9.8CVSS9.5AI score0.89738EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:56 p.m.6 views

CVE-2024-13168

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service...

7.5CVSS7AI score0.02128EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:55 p.m.7 views

CVE-2024-13171

Insufficient filename validation in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required...

7.8CVSS7.7AI score0.17614EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:55 p.m.9 views

CVE-2024-13162

SQL injection in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. This CVE addresses incomplete fixes from CVE-2024-32848...

9.1CVSS7.8AI score0.64176EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:54 p.m.7 views

CVE-2024-13166

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service...

7.5CVSS7AI score0.01961EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:53 p.m.6 views

CVE-2024-13163

Deserialization of untrusted data in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required...

7.8CVSS7.7AI score0.09214EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:53 p.m.8 views

CVE-2024-13172

Improper signature verification in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required...

7.8CVSS7.7AI score0.00505EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:53 p.m.6 views

CVE-2024-13167

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service...

7.5CVSS7AI score0.02128EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:53 p.m.7 views

CVE-2024-13158

An unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution...

7.2CVSS7.1AI score0.0275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:52 p.m.5 views

CVE-2024-13169

An out-of-bounds read in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges...

7.8CVSS6.5AI score0.00434EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:52 p.m.6 views

CVE-2024-13161

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information...

9.8CVSS9.5AI score0.88518EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:52 p.m.4 views

CVE-2024-13165

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service...

7.5CVSS7AI score0.02128EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:52 p.m.6 views

CVE-2024-13170

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service...

7.5CVSS7AI score0.02186EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:46 p.m.4 views

CVE-2024-22058

A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and older...

7.8CVSS8AI score0.00379EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 10:43 p.m.10 views

CVE-2024-8191

SQL injection in the management console of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution...

9.8CVSS8.4AI score0.19565EPSS
Exploits0References1
CNVD
CNVD
added 2025/01/23 12:0 a.m.5 views

Ivanti EPM Out-of-Bounds Write Vulnerability (CNVD-2025-30751)

Ivanti EPM is a comprehensive endpoint management solution developed by Ivanti. Ivanti EPM suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to cause a denial of service...

7.5CVSS7AI score0.02128EPSS
Exploits0References1
CNVD
CNVD
added 2025/01/23 12:0 a.m.1 views

Ivanti EPM Absolute Path Traversal Vulnerability

Ivanti EPM is a comprehensive endpoint management solution developed by Ivanti. Ivanti EPM suffers from an absolute path traversal vulnerability that can be exploited by an attacker to obtain sensitive information...

9.8CVSS6.8AI score0.03189EPSS
Exploits1References1
CNVD
CNVD
added 2025/01/23 12:0 a.m.2 views

Ivanti EPM Code Execution Vulnerability

Ivanti EPM is a comprehensive endpoint management solution developed by Ivanti. Ivanti EPM suffers from a code execution vulnerability that stems from the inclusion of an unrestricted resource search path. An attacker could exploit this vulnerability to achieve remote code execution...

7.2CVSS8.4AI score0.0275EPSS
Exploits0References1
Rows per page
Query Builder