Lucene search
K
IvantiMost viewed

282 matches found

Ivanti
Ivanti
added 2025/02/11 3:1 p.m.793 views

February Security Advisory Ivanti Connect Secure (ICS),Ivanti Policy Secure (IPS) and Ivanti Secure Access Client (ISAC) (Multiple CVEs)

Summary Ivanti has released updates for Ivanti Connect Secure ICS,Ivanti Policy Secure IPS and Ivanti Secure Access Client ISAC which addresses medium, high and critical severity vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure...

9.9CVSS8.2AI score0.03705EPSS
Exploits0
Ivanti
Ivanti
added 2025/03/11 1:52 p.m.725 views

March Security Advisory Ivanti Secure Access Client (ISAC) (CVE-2025-22454)

Summary Ivanti has released updates for Ivanti Secure Access Client ISAC which addresses one high severity vulnerability. Successful exploitation could lead to privilege escalation. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability...

7.8CVSS7.2AI score0.00287EPSS
Exploits0
Ivanti
Ivanti
added 2025/03/10 6:55 p.m.721 views

Security Advisory March 2025 Ivanti Neurons for MDM (N-MDM)

Summary Ivanti has released updates for Ivanti Neurons for MDM N-MDM which addresses a medium severity vulnerability. We are not aware of any customers being exploited by this vulnerability at the time of disclosure. Vulnerability Details: Description| CVSS Score Severity| CVSS Vector| CWE...

6.9AI score
Exploits0
Ivanti
Ivanti
added 2025/02/11 3:0 p.m.719 views

N-MDM - Security Advisory Ivanti Neurons for MDM (N-MDM)

Summary Ivanti has released updates for Ivanti Neurons for MDM N-MDM which addresses a medium severity vulnerability. We are not aware of any customers being exploited by this vulnerability at the time of disclosure. Vulnerability Details: Description | CVSS Score Severity | CVSS Vector | CWE...

7.1AI score
Exploits0
Ivanti
Ivanti
added 2025/02/11 3:0 p.m.616 views

Security Advisory Ivanti Cloud Services Application (CSA) (CVE-2024-47908, CVE-2024-11771)

Summary Ivanti has released updates for Ivanti Cloud Services Application CSA which addresses critical and medium severity vulnerabilities. Successful exploitation of CVE-2024-47908 could allow a remote authenticated attacker to achieve remote code execution and CVE-2024-11771 could allow a remot...

9.1CVSS8.6AI score0.21975EPSS
Exploits0
Ivanti
Ivanti
added 2025/01/09 4:18 p.m.577 views

Security Advisory Ivanti Avalanche 6.4.7 (Multiple CVEs)

Summary Ivanti has released updates for Ivanti Avalanche which addresses three high severity vulnerabilities. Successful exploitation of CVE-2024-13181 could allow a remote unauthenticated attacker to bypass authentication. CVE-2024-13180 could allow a remote unauthenticated attacker to leak...

9.8CVSS9.9AI score0.61812EPSS
Exploits0
Ivanti
Ivanti
added 2025/01/08 4:55 p.m.529 views

Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-0282, CVE-2025-0283) 

Update: 21 Jan 2025 Patch Now Available for IPS & ZTA Gateways Summary: Ivanti has released an update that addresses one critical and one high vulnerability in Ivanti Connect Secure, Policy Secure and ZTA Gateways. Successful exploitation of CVE-2025-0282 could lead to unauthenticated remote code...

9CVSS8.7AI score0.99971EPSS
Exploits13
Ivanti
Ivanti
added 2025/04/08 2:1 p.m.514 views

Security Advisory April 2025 for Ivanti EPM 2024 and EPM 2022 SU6

Security Advisory Ivanti EPM 2022 SU6 and EPM 2024 Multiple CVEs Summary Ivanti has released updates for Ivanti Endpoint Manager which addresses medium and high vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability...

9.6CVSS8AI score0.01311EPSS
Exploits1
Ivanti
Ivanti
added 2026/05/07 2:11 p.m.128 views

May 2026 Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (Multiple CVEs)

Summary Ivanti has released updates for Ivanti Endpoint Manager Mobile EPMM which addresses five high severity vulnerabilities. We are aware of a very limited number of customers exploited with CVE-2026-6973. Successful exploitation requires Admin authentication. If customers followed Ivanti’s...

9.8CVSS6.1AI score0.34454EPSS
Exploits0
Ivanti
Ivanti
added 2025/08/12 2:4 p.m.50 views

August Security Advisory Ivanti Virtual Application Delivery Controller (vADC previously vTM) (CVE-2025-8310)

Summary Ivanti has released updates for Ivanti Virtual Application Delivery Controller vADC, previously Virtual Traffic Manager vTM, which addresses one medium severity vulnerability. Successful exploitation could lead to account takeover. We are not aware of any customers being exploited by this...

8.8CVSS7.2AI score0.00735EPSS
Exploits0
Ivanti
Ivanti
added 2025/04/03 1:53 p.m.43 views

April Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-22457)

This advisory has been updated to make it clear the vulnerability was fully patched in Ivanti Connect Secure released February 11, 2025. Update April 23, 2025: This advisory has been updated to reflect changes to the Ivanti Policy Secure Versioning and the affected release date. Update May 14,...

9.8CVSS10AI score0.99973EPSS
Exploits7
Ivanti
Ivanti
added 2026/05/12 2:2 p.m.37 views

May 2026 Security Advisory Ivanti Secure Access Client (CVE-2026-7431, CVE-2026-7432)

Update 22 May: CVE-2026-8992 has been added to Vulnerability Details Summary Ivanti has released updates for the Ivanti Secure Access Client which addresses one medium severity vulnerability and two High severity vulnerabilities. We are not aware of any customers being exploited by these...

8.8CVSS6.2AI score0.00564EPSS
Exploits0
Ivanti
Ivanti
added 2025/05/13 3:36 p.m.37 views

Security Advisory Ivanti Endpoint Manager Mobile (EPMM) May 2025 (CVE-2025-4427 and CVE-2025-4428)

Ivanti has released updates for Endpoint Manager Mobile EPMM which addresses one medium and one high severity vulnerability. When chained together, successful exploitation could lead to unauthenticated remote code execution. We are aware of a very limited number of customers whose solution has be...

8.8CVSS9.2AI score0.99589EPSS
Exploits10
Ivanti
Ivanti
added 2026/03/10 9:26 a.m.36 views

Security Advisory Ivanti DSM (CVE-2026-3483)

Security Advisory Ivanti DSM CVE-2026-3483 Summary Ivanti has released an update for Ivanti Desktop and Server Management DSM which addresses one high severity vulnerability. Successful exploitation could allow an attacker to elevate their local privileges. We are not aware of any customers being...

7.8CVSS5.8AI score0.00397EPSS
Exploits0
Ivanti
Ivanti
added 2026/02/09 8:55 p.m.34 views

Security Advisory EPM February 2026 for EPM 2024

Update 18 Feb: Added FAQ on patching Agents. Summary Ivanti has released updates for Ivanti Endpoint Manager which addresses one high severity vulnerability and one medium severity vulnerability. Successful exploitation could allow a remote authenticated attacker to leak arbitrary data or...

8.6CVSS6.4AI score0.81089EPSS
Exploits0
Ivanti
Ivanti
added 2025/07/08 2:35 p.m.33 views

Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2025-6770, CVE-2025-6771)

Security Advisory Ivanti Endpoint Manager Mobile EPMM CVE-2025-6770, CVE-2025-6771 Summary Ivanti has released updates for Ivanti Endpoint Manager Mobile which addresses two high severity vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of...

7.2CVSS7.7AI score0.14809EPSS
Exploits0
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.33 views

SA40021 - GHOST glibc gethostbyname() buffer overflow (CVE-2015-0235)

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. A buffer overflow vulnerability has been discovered in the glibc library. This issue is known as CVE-2015-0235 and is commonly referred to as "GHOST". The issue was found in the...

10CVSS8.4AI score0.94859EPSS
Exploits29
Ivanti
Ivanti
added 2026/05/12 1:59 p.m.31 views

Security Advisory Ivanti Endpoint Manager (EPM) May 2026

Security Advisory Ivanti Endpoint Manager EPM CVE-2026-8109, CVE-2026-8110, CVE-2026-811 Summary Ivanti has released updates for Ivanti Endpoint Manager which addresses one Medium severity and two High severity vulnerabilities. Successful exploitation could lead to information disclosure, privile...

8.8CVSS6.3AI score0.00883EPSS
Exploits0
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.31 views

SA40005 - Details on fixes for OpenSSL Heartbleed issue (CVE-2014-0160)

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. This article provides detailed information related to the fixes for OpenSSL "Heartbleed" issue CVE-2014-0160 for PCS/PPS products. The following PCS versions are vulnerable to the...

7.5CVSS6.6AI score0.99999EPSS
Exploits87
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.31 views

SA40100 - [Pulse Secure] December 3rd 2015 OpenSSL Security Advisory

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On December 3rd, 2015 the OpenSSL project announced a group of new security advisories. These issues may affect Pulse Secure products. The OpenSSL advisory can be found at the followin...

7.5CVSS7.1AI score0.44016EPSS
Exploits1
Ivanti
Ivanti
added 2021/12/20 2:55 p.m.29 views

Is Ivanti IPCM voice vulnerable to CVE-2021-44228 Java logging library (log4j)

Last Modified Date Dec 20, 2021 2:55:48 PM...

10CVSS7AI score0.99999EPSS
Exploits348
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.28 views

SA40002 - [Pulse Secure] June 11th 2015 OpenSSL Security Advisory

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On June 11th, 2015 the OpenSSL project announced a group of new security advisories. These issues may affect Pulse Secure products. The OpenSSL advisory can be found at the following...

7.5CVSS6.6AI score0.9986EPSS
Exploits2
Ivanti
Ivanti
added 2023/08/02 3:56 p.m.27 views

CVE-2023-35082 – Remote Unauthenticated API Access Vulnerability

DESCRIPTION: Update: Since originally reporting CVE-2023-35082 on 2 August 2023 at 10:00 MDT, Ivanti has continued its investigation and has found that this vulnerability impacts all versions of Ivanti Endpoint Manager Mobile EPMM 11.10, 11.9 and 11.8 and MobileIron Core 11.7 and below. The risk ...

10CVSS7.1AI score0.99999EPSS
Exploits2
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.27 views

SA44101 - 2019-04: Out-of-Cycle Advisory: Multiple vulnerabilities resolved in Pulse Connect Secure / Pulse Policy Secure 9.0RX

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Multiple vulnerabilities were discovered and have been resolved in Pulse Connect Secure PCS and Pulse Policy Secure PPS. This includes an authentication by-pass vulnerability that can...

10CVSS8.7AI score0.99999EPSS
Exploits38
Ivanti
Ivanti
added 2026/06/09 5:17 p.m.26 views

CVE‑2026‑49975 – HTTP/2 Denial of Service Vulnerability

Status: EPMM unaffected Summary: CVE‑2026‑49975 is a denial‑of‑service DoS vulnerability affecting HTTP/2 implementations in several web servers. The issue allows an unauthenticated attacker to exhaust server memory using specially crafted HTTP/2 requests. EPMM / Sentry rely on Apache Tomcat for...

7.5CVSS5.5AI score0.11471EPSS
Exploits7
Ivanti
Ivanti
added 2025/08/12 2:4 p.m.26 views

August Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (Multiple CVEs)

Summary Ivanti has released updates for Ivanti Connect Secure which addresses medium, high, and critical vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability Details: CVE Number | Description | CVSS Score Severity |...

7.5CVSS8.1AI score0.01045EPSS
Exploits0
Ivanti
Ivanti
added 2025/05/13 2:0 p.m.25 views

Security Advisory May 2025 Ivanti Neurons for MDM (N-MDM)

Update 5 August, 2025: Added additional information on security issue fixed in R114. Summary Ivanti has released updates for Ivanti Neurons for MDM N-MDM which addresses two medium severity vulnerabilities. Successful exploitation could allow a remote unauthenticated attacker to edit or delete...

7.3AI score
Exploits0
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.25 views

SA44784 - 2021-04: Out-of-Cycle Advisory: Multiple Vulnerabilities Resolved in Pulse Connect Secure 9.1R11.4

Multiple vulnerabilities were discovered and have been resolved in Pulse Connect Secure PCS. This includes an authentication by-pass vulnerability that can allow an unauthenticated user to perform remote arbitrary file execution on the Pulse Connect Secure gateway. Many of these vulnerabilities...

10CVSS9AI score0.47172EPSS
Exploits9
Ivanti
Ivanti
added 2024/12/10 3:0 p.m.24 views

Security Advisory Ivanti Cloud Services Application (CSA) (CVE-2024-11639, CVE-2024-11772, CVE-2024-11773)

Summary Ivanti has released updates for Ivanti Cloud Services Application which addresses medium, high and critical vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability Details: CVE Number | Description | CVSS Score...

10CVSS9.2AI score0.23598EPSS
Exploits0
Ivanti
Ivanti
added 2024/05/21 2:10 p.m.24 views

Security Advisory May 2024

Vulnerabilities have been discovered in the following Ivanti solutions and fixes are available now. Please review the knowledge base article for the associated solution for detailed information on how to remediate the weaknesses. Update October 1 : Ivanti has confirmed exploitation of...

9.6CVSS8.4AI score0.99951EPSS
Exploits5
Ivanti
Ivanti
added 2023/08/31 4:52 p.m.24 views

Security Advisory - Avalanche CVE-2023-38036

Last Modified Date Mar 8, 2024 4:49:43 PM...

9.8CVSS7.5AI score0.98919EPSS
Exploits7
Ivanti
Ivanti
added 2026/05/12 2:0 p.m.23 views

Security Advisory - Ivanti Xtraction (CVE-2026-8043)

Summary Ivanti has released an update for Ivanti Xtraction which addresses one Critical severity vulnerability. Successful exploitation could lead to sensitive information disclosure and client-side attacks. We are not aware of any customers being exploited by this vulnerability at the time of...

9.6CVSS5.9AI score0.00869EPSS
Exploits0
Ivanti
Ivanti
added 2025/06/10 2:2 p.m.23 views

Security Advisory Ivanti Workspace Control (CVE-2025-5353, CVE- CVE-2025-22463, CVE-2025-22455)

Summary Ivanti has released updates for Ivanti Workspace Control which address three high severity vulnerabilities. Successful exploitation could lead to credential compromise. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability...

8.8CVSS8.7AI score0.00352EPSS
Exploits0
Ivanti
Ivanti
added 2025/01/13 9:46 p.m.23 views

Security Advisory EPM January 2025 for EPM 2024 and EPM 2022 SU6

Update Regarding Ivanti EPM Endpoint Manager Downloads As part of our ongoing efforts to enhance your experience and streamline our processes we have migrated the software downloads from the Ivanti Community to the Ivanti License System ILS. You will continue to use your current Ivanti Single...

9.8CVSS9.7AI score0.99762EPSS
Exploits4
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.23 views

SA44193 - 2019-06: Out-of-Cycle Advisory: Multiple Linux Kernel and FreeBSD vulnerabilities

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On June 17 2019, Netflix announced a group of new security advisories related to Linux Kernel and FreeBSD. These issues may affect Pulse Secure products. For a list of supported softwa...

7.8CVSS7.1AI score0.98745EPSS
Exploits4
Ivanti
Ivanti
added 2021/12/12 3:3 a.m.23 views

Security Bulletin:CVE-2021-44228: MobileIron Remote code injection in Log4j

Affected Versions --- MobileIron Core below Core 11.5 Mobileiron Sentry Sentry 9.13 and 9.14 only Core Connector All Versions Reporting Database RDB All Versions Please Note Ivanti has tested the mitigation for the vulnerability on supported versions of the product. While it may be possible to...

10CVSS8.3AI score0.99999EPSS
Exploits348
Ivanti
Ivanti
added 2026/05/12 2:3 p.m.22 views

May 2026 Security Advisory Ivanti Virtual Traffic Manager (vTM) (CVE-2026-8051)

Summary Ivanti has released updates for Ivanti Virtual Traffic Manager which addresses one High severity vulnerability. Successful exploitation could lead to admin authenticated remote code execution. We are not aware of any customers being exploited by this vulnerability at the time of disclosur...

7.2CVSS6.1AI score0.01914EPSS
Exploits0
Ivanti
Ivanti
added 2025/07/08 1:58 p.m.22 views

July Security Advisory Ivanti Connect Secure and Ivanti Policy Secure (Multiple CVEs)

Ivanti has released updates for Ivanti Connect Secure ICS and Ivanti Policy Secure IPS, which address medium severity vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability Details: CVE Number | Description | CVSS Score...

6.6CVSS7.3AI score0.0065EPSS
Exploits0
Ivanti
Ivanti
added 2023/11/13 7:8 p.m.22 views

KB Possible Remote Exploit in ApacheMQ pertaining to OpenWire Module

Last Modified Date Mar 8, 2024 8:18:58 PM...

10CVSS7.1AI score0.99654EPSS
Exploits31
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.22 views

SA44516 - 2020-07: Security Bulletin: Multiple Vulnerabilities Resolved in Pulse Connect Secure / Pulse Policy Secure 9.1R8

Problem This advisory provides information about multiple vulnerabilities resolved in Pulse Connect Secure 9.1R8 and Pulse Policy Secure 9.1R8. Refer to KB43892 - What releases will Pulse Secure apply fixes to resolve security vulnerabilities? per our End of Engineering EOE and End of Life EOL...

8.1CVSS8.2AI score0.32739EPSS
Exploits4
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.22 views

SA44601 - 2020-10: Security Bulletin: Multiple Vulnerabilities Resolved in Pulse Connect Secure / Pulse Policy Secure / Pulse Secure Desktop Client 9.1R9

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. This advisory provides information about multiple vulnerabilities resolved in Pulse Connect Secure 9.1R9, Pulse Policy Secure 9.1R9 and Pulse Secure Desktop Client 9.1R9. Refer to KB438...

9.8CVSS8.7AI score0.9648EPSS
Exploits12
Ivanti
Ivanti
added 2023/07/19 8:13 p.m.21 views

SA-2023-07-19-CVE-2023-35077

SECURITY ADVISORY 07-19-2023 Product Affected: Ivanti Endpoint Manager A vulnerability was recently discovered for Ivanti Antivirus Security Content version 7.94791 and all previous versions. Updating to Ivanti Antivirus Product version 7.9.1.285 will allow the Security Content version to update ...

8.1CVSS7.1AI score0.01498EPSS
Exploits0
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.21 views

JSA10648 - 2014-09 Out of Cycle Security Bulletin: Multiple Products: Shell Command Injection Vulnerability in Bash

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Bash or the Bourne again shell has vulnerabilities in the way it handles environment variables when it is invoked. Under some scenarios, network based remote attackers can inject shell...

10CVSS8.1AI score0.99999EPSS
Exploits139
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.21 views

SA40202 - [Pulse Secure] May 3rd 2016 OpenSSL Security Advisory

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On May 3rd, 2016 the OpenSSL project announced new security advisories. This OpenSSL advisory can be found at the following link: https://openssl.org/news/secadv/20160503.txt Pulse Secu...

10CVSS7.6AI score0.89058EPSS
Exploits7
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.20 views

SA40015 - OpenSSL security advisory for January 8th, 2015 (including SSL "FREAK" issue)

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On January 8th 2015, the OpenSSL project released a security advisory. This advisory included eight 8 new CVEs. This article will describe the vulnerability and fix status for the Puls...

5CVSS7AI score0.98685EPSS
Exploits0
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.20 views

SA40168 - [Pulse Secure] March 1st 2016 OpenSSL Security Advisory

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On March 1st 2016 the OpenSSL project announced new security advisories. These issues may affect Pulse Secure products. The OpenSSL advisory can be found at the following link:...

10CVSS7.4AI score0.82112EPSS
Exploits2
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.20 views

SA40312 - September 22 2016 OpenSSL Security Advisory

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On September 22, 2016 the OpenSSL project announced a group of new security advisories. These issues affect all supported versions of Pulse Secure products. For a list of supported...

10CVSS7.3AI score0.95707EPSS
Exploits9
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.20 views

SA44440 - April 21 2020 OpenSSL Security Advisory

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On April 21 2020, the OpenSSL project announced a new security advisory. These issues may affect Pulse Secure product. Refer to KB43892 - What releases will Pulse Secure apply fixes to...

7.5CVSS6.8AI score0.53336EPSS
Exploits2
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.20 views

SA45100 - CVE-2022-0778-OpenSSL-Vulnerability may lead to DoS attack

CVE-2022-0778 A vulnerability has been reported on the 15th of March 2022 under https://nvd.nist.gov/vuln/detail/CVE-2022-0778 Description - A flaw was found in OpenSSL. It is possible to trigger an infinite loop by crafting a certificate that has invalid explicit curve parameters. More details...

7.5CVSS7.2AI score0.70561EPSS
Exploits2
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.20 views

SA44858 - 9.1R12 Security Fixes

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Resolutions for Pulse Connect Secure CVEs Issue: As part of a rigorous code review that we have undertaken in close partnership with industry-leading third-party experts, we have...

7.2CVSS7.9AI score0.07828EPSS
Exploits1
Total number of security vulnerabilities282