CVE-2024-34788

An improper authentication vulnerability in web component of EPMM prior to 12.1.0.1 allows a remote malicious user to access potentially sensitive information...

EUVD-2024-35893

Malicious code in bioql PyPI...

EUVD-2024-19632

Malicious code in bioql PyPI...

EUVD-2024-35892

Malicious code in bioql PyPI...

EUVD-2023-50973

Malicious code in bioql PyPI...

CVE-2023-46807

An SQL Injection vulnerability in web component of EPMM before 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database...

CISA Adds Six Known Exploited Vulnerabilities to Catalog

CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-4427link is external Ivanti Endpoint Manager Mobile EPMM Authentication Bypass Vulnerability CVE-2025-4428link is external Ivanti Endpoint Manager Mobile EPMM...

Exploit for Authentication Bypass Using an Alternate Path or Channel in Ivanti Endpoint_Manager_Mobile

CVE-2025-4427 and CVE-2025-4428 Ivanti EPMM Chain Ivanti EPMM...

CVE-2024-36130

An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an unauthorized attacker within the network to execute arbitrary commands on the underlying operating system of the appliance...

CVE-2024-36131

An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1 allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system of the appliance...

Norwegian Entities Targeted in Ongoing Attacks Exploiting Ivanti EPMM Vulnerability

Advanced persistent threat APT actors exploited a recently disclosed critical flaw impacting Ivanti Endpoint Manager Mobile EPMM as a zero-day since at least April 2023 in attacks directed against Norwegian entities, including a government network. The disclosure comes as part of a new joint...