24 matches found
EUVD-2025-24254
Malicious code in bioql PyPI...
EUVD-2025-27419
Malicious code in bioql PyPI...
EUVD-2025-27418
Malicious code in bioql PyPI...
CVE-2025-55139
SSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with admin privileges to enumerate internal...
CVE-2025-8711
CSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote unauthenticated attacker to execute limited actions on behalf of th...
CVE-2025-8712
Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with read-only admin...
CVE-2025-55145
Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker to hijack existing HTML5...
CVE-2025-55146
An unchecked return value in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with admin privileges t...
CVE-2025-55144
CVE-2025-55144 affects Ivanti Connect Secure, Policy Secure, ZTA Gateways, and Neurons for Secure Access. The vulnerability is a missing authorization flaw that lets a remote authenticated attacker with read‑only admin privileges configure restricted settings. Affected versions: Connect Secure &l...
CVE-2025-55143
CVE-2025-55143 is a reflected text injection vulnerability affecting Ivanti Connect Secure < 22.7R2.9 or < 22.8R2, Ivanti Policy Secure < 22.7R1.6, Ivanti ZTA Gateway < 2.8R2.3-723, and Ivanti Neurons for Secure Access
CVE-2025-55143
Reflected text injection in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote unauthenticated attacker to inject arbitrary te...
CVE-2025-55139
SSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with admin privileges to enumerate internal...
CVE-2025-55148
Ivanti vulnerabilities (CVE-2025-55148 and related) affect Ivanti Connect Secure, Policy Secure, ZTA Gateways, and Neurons for Secure Access. Root cause: missing authorization checks allow a remote authenticated attacker with read-only admin privileges to configure restricted settings (fix deploy...
CVE-2025-55145
Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker to hijack existing HTML5...
CVE-2025-8711
CSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote unauthenticated attacker to execute limited actions on behalf of th...
CVE-2025-8712
Ivanti reports a missing authorization flaw (CVE-2025-8712) affecting Ivanti Connect Secure before 22.7R2.9/22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 22.8R2.3-723, and Ivanti Neurons for Secure Access before 22.8R1.4. The issue allows a remote authenticated attacker ...
CVE-2025-8712
Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with read-only admin...
September Security Advisory Ivanti Connect Secure, Policy Secure, ZTA Gateways and Neurons for Secure Access (Multiple CVEs)
Update 10 Sept Ivanti Policy Secure: Affected and Resolved in Versions updated Summary Ivanti has released updates for Ivanti Connect Secure, Policy Secure, ZTA Gateways and Neurons for Secure Access which addresses six medium and five high vulnerabilities. We are not aware of any customers being...
Ivanti多款产品 安全漏洞
Ivanti Connect Secure ICS and others are products of Ivanti Corporation, U.S.A. Ivanti Connect Secure is a secure remote network connection tool.Ivanti Policy Secure IPS is a network access control NAC solution.Ivanti Neurons is Ivanti Neurons is a groundbreaking platform that simplifies and...
Ivanti多款产品 跨站请求伪造漏洞
Ivanti Connect Secure ICS and others are products of Ivanti Corporation, U.S.A. Ivanti Connect Secure is a secure remote network connection tool.Ivanti Policy Secure IPS is a Network Access Control NAC solution.Ivanti Neurons is Ivanti Neurons is a groundbreaking platform that simplifies and...