Endpoint Manager Security Vulnerabilities and Issues — Endpoint Manager CVE List

Lucene search

IvantiEndpoint Manager

11 matches found

CVE•added 2024/05/31 6:15 p.m.•160 views

CVE-2024-29824

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

9.6CVSS9AI score0.94317EPSS

CVE•added 2024/05/31 6:15 p.m.•52 views

CVE-2024-29822

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

9.6CVSS9AI score0.0029EPSS

CVE•added 2024/05/31 6:15 p.m.•42 views

CVE-2024-29823

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

9.6CVSS9AI score0.01329EPSS

CVE•added 2024/05/31 6:15 p.m.•41 views

CVE-2024-29826

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

9.6CVSS9AI score0.01329EPSS

CVE•added 2024/05/31 6:15 p.m.•37 views

CVE-2024-29825

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

9.6CVSS9AI score0.01329EPSS

CVE•added 2024/05/31 6:15 p.m.•36 views

CVE-2024-29827

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

9.6CVSS9AI score0.0029EPSS

CVE•added 2024/05/31 6:15 p.m.•32 views

CVE-2024-29830

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.

8.4CVSS8.7AI score0.00137EPSS

CVE•added 2024/05/31 6:15 p.m.•31 views

CVE-2024-29828

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.

8.4CVSS8.7AI score0.00137EPSS

CVE•added 2024/05/31 6:15 p.m.•31 views

CVE-2024-29846

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.

8.4CVSS8.7AI score0.00137EPSS

CVE•added 2024/05/31 6:15 p.m.•29 views

CVE-2024-29829

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.

8.4CVSS8.7AI score0.00137EPSS

CVE•added 2024/05/31 6:15 p.m.•26 views

CVE-2024-22058

A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and older.

7.8CVSS8.3AI score0.00095EPSS