CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker to hijack existing HTML5...

8.9CVSS6.8AI score0.00569EPSS

Exploits0References1

OSV•added 2025/09/09 4:15 p.m.•2 views

CVE-2025-8711

CSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote unauthenticated attacker to execute limited actions on behalf of th...

5.4CVSS6AI score0.00101EPSS

Exploits0References1

OSV•added 2025/09/09 4:15 p.m.•0 views

CVE-2025-55146

An unchecked return value in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with admin privileges t...

4.9CVSS5.9AI score

Exploits0References1

CVE•added 2025/09/09 3:55 p.m.•13 views

CVE-2025-55144

CVE-2025-55144 affects Ivanti Connect Secure, Policy Secure, ZTA Gateways, and Neurons for Secure Access. The vulnerability is a missing authorization flaw that lets a remote authenticated attacker with read‑only admin privileges configure restricted settings. Affected versions: Connect Secure &l...

5.4CVSS6.3AI score0.01492EPSS

Exploits0References1Affected Software1

CVE•added 2025/09/09 3:37 p.m.•21 views

CVE-2025-55148

Ivanti vulnerabilities (CVE-2025-55148 and related) affect Ivanti Connect Secure, Policy Secure, ZTA Gateways, and Neurons for Secure Access. Root cause: missing authorization checks allow a remote authenticated attacker with read-only admin privileges to configure restricted settings (fix deploy...

7.6CVSS6.3AI score0.02776EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/09/09 3:22 p.m.•4 views

CVE-2025-55145

8.9CVSS0.00569EPSS

Exploits0References1

Vulnrichment•added 2025/09/09 3:12 p.m.•1 views

CVE-2025-8712

Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with read-only admin...

5.4CVSS6.3AI score0.00892EPSS

Exploits0References1

CNNVD•added 2025/09/09 12:0 a.m.•2 views

Ivanti多款产品跨站脚本漏洞

Ivanti Connect Secure ICS and others are products of Ivanti Corporation of the U.S. Ivanti Connect Secure is a secure remote network connection tool.Ivanti Policy Secure IPS is a network access control NAC solution.Ivanti Neurons Ivanti Neurons for Secure is a secure cloud technology platform. A...

6.1CVSS6.3AI score0.00026EPSS

Exploits0References2

Positive Technologies•added 2025/09/09 12:0 a.m.•2 views

PT-2025-36742

Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.9 Ivanti Connect Secure versions prior to 22.8R2 Ivanti Policy Secure versions prior to 22.7R1.6 Ivanti ZTA Gateway versions prior to 22.8R2.3-723 Ivanti Neurons for Secure Access versions prior ...

5.4CVSS6.2AI score0.00892EPSS

Exploits0References5

CNNVD•added 2025/09/09 12:0 a.m.•1 views

Ivanti多款产品跨站请求伪造漏洞

Ivanti Connect Secure ICS and others are products of Ivanti Corporation, U.S.A. Ivanti Connect Secure is a secure remote network connection tool.Ivanti Policy Secure IPS is a Network Access Control NAC solution.Ivanti Neurons is Ivanti Neurons is a groundbreaking platform that simplifies and...

5.4CVSS6.5AI score0.00101EPSS

Exploits0References2

CNNVD•added 2025/09/09 12:0 a.m.•1 views

Ivanti多款产品安全漏洞

Ivanti Connect Secure ICS, among others, are products of Ivanti Corporation, U.S.A. Ivanti Connect Secure is a secure remote network connection tool.Ivanti Policy Secure IPS is a network access control NAC solution.Ivanti Neurons Ivanti Neurons for Secure is a secure cloud technology platform. A...

5.4CVSS6.5AI score0.01492EPSS

Exploits0References2

Positive Technologies•added 2025/09/09 12:0 a.m.•2 views

PT-2025-36747

Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.9 Ivanti Policy Secure versions prior to 22.7R1.6 Ivanti ZTA Gateway versions prior to 2.8R2.3-723 Ivanti Neurons for Secure Access versions prior to 22.8R1.4 Description: A missing authorization...

8.8CVSS6.4AI score0.03843EPSS

Exploits0References6

RedhatCVE•added 2025/08/14 3:49 p.m.•7 views

CVE-2025-5468

Improper handling of symbolic links in Ivanti Connect Secure before version 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a local authenticated attacker to re...

5.5CVSS6.9AI score0.0008EPSS

Exploits0References1

RedhatCVE•added 2025/08/14 3:49 p.m.•4 views

CVE-2025-5456

A buffer over-read vulnerability in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote unauthenticated attacker to trigger a...

7.5CVSS7.6AI score0.00637EPSS

Exploits0References1

NVD•added 2025/08/12 3:15 p.m.•3 views

CVE-2025-5456

7.5CVSS0.00637EPSS

Exploits0References1

NVD•added 2025/08/12 3:15 p.m.•3 views

CVE-2025-5462

A heap-based buffer overflow in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote unauthenticated attacker to trigger a deni...

7.5CVSS0.00583EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by