Total
90 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-32844 | 1 Ivanti | 1 Endpoint Manager | 2025-04-23 | N/A | N/A |
| SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | |||||
| CVE-2024-34780 | 1 Ivanti | 1 Endpoint Manager | 2025-04-23 | N/A | 7.2 HIGH |
| SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | |||||
| CVE-2024-13161 | 1 Ivanti | 1 Endpoint Manager | 2025-03-13 | N/A | 7.5 HIGH |
| Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information. | |||||
| CVE-2024-13160 | 1 Ivanti | 1 Endpoint Manager | 2025-03-13 | N/A | 7.5 HIGH |
| Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information. | |||||
| CVE-2024-13159 | 1 Ivanti | 1 Endpoint Manager | 2025-03-13 | N/A | 7.5 HIGH |
| Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information. | |||||
| CVE-2024-29824 | 1 Ivanti | 1 Endpoint Manager | 2024-11-29 | N/A | 8.8 HIGH |
| An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | |||||
| CVE-2024-50327 | 1 Ivanti | 1 Endpoint Manager | 2024-11-18 | N/A | 7.2 HIGH |
| SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | |||||
| CVE-2024-50326 | 1 Ivanti | 1 Endpoint Manager | 2024-11-18 | N/A | 7.2 HIGH |
| SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | |||||
| CVE-2024-50328 | 1 Ivanti | 1 Endpoint Manager | 2024-11-18 | N/A | 7.2 HIGH |
| SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | |||||
| CVE-2024-50329 | 1 Ivanti | 1 Endpoint Manager | 2024-11-18 | N/A | 8.8 HIGH |
| Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required. | |||||
| CVE-2024-50324 | 1 Ivanti | 1 Endpoint Manager | 2024-11-18 | N/A | 7.2 HIGH |
| Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | |||||
| CVE-2024-50323 | 1 Ivanti | 1 Endpoint Manager | 2024-11-18 | N/A | 7.8 HIGH |
| SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required. | |||||
| CVE-2024-50322 | 1 Ivanti | 1 Endpoint Manager | 2024-11-18 | N/A | 7.8 HIGH |
| Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required. | |||||
| CVE-2024-29829 | 1 Ivanti | 1 Endpoint Manager | 2024-10-03 | N/A | 8.0 HIGH |
| An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | |||||
| CVE-2024-29846 | 1 Ivanti | 1 Endpoint Manager | 2024-10-03 | N/A | 8.0 HIGH |
| An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | |||||
| CVE-2024-29830 | 1 Ivanti | 1 Endpoint Manager | 2024-10-03 | N/A | 8.0 HIGH |
| An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | |||||
| CVE-2024-29828 | 1 Ivanti | 1 Endpoint Manager | 2024-10-03 | N/A | 8.0 HIGH |
| An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | |||||
| CVE-2024-29822 | 1 Ivanti | 1 Endpoint Manager | 2024-10-03 | N/A | 8.8 HIGH |
| An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | |||||
| CVE-2024-29825 | 1 Ivanti | 1 Endpoint Manager | 2024-10-03 | N/A | 8.8 HIGH |
| An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | |||||
| CVE-2024-29823 | 1 Ivanti | 1 Endpoint Manager | 2024-10-03 | N/A | 8.8 HIGH |
| An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | |||||