Vulnerabilities in Ivanti

376 results

CVE-2024-10630HIGHA race condition in Ivanti Application Control Engine before version 10.14.4.0 allows a local authenticated attacker to bypass the applicatiEPSS 0.2%CVE-2025-10918HIGHInsecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write EPSS 0.2%CVE-2024-8539HIGHImproper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configEPSS 0.2%CVE-2024-9842HIGHIncorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary foldersEPSS 0.2%CVE-2024-11597HIGHUnder specific circumstances, insecure permissions in Ivanti Performance Manager before version 2024.3 HF1, 2024.1 HF1, or 2023.3 HF1 allowsEPSS 0.2%CVE-2024-9845HIGHUnder specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1 allows a local authenticated attacker to aEPSS 0.2%CVE-2024-10251HIGHUnder specific circumstances, insecure permissions in Ivanti Security Controls before version 2024.4.1 allows a local authenticated attackerEPSS 0.2%CVE-2024-8496HIGHUnder specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attackEPSS 0.2%CVE-2024-11598HIGHUnder specific circumstances, insecure permissions in Ivanti Application Control before version 2024.3 HF1, 2024.1 HF2, or 2023.3 HF3 allowsEPSS 0.2%CVE-2024-10256HIGHInsufficient permissions in Ivanti Patch SDK before version 9.7.703 allows a local authenticated attacker to delete arbitrary files.EPSS 0.2%CVE-2024-13813HIGHInsufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary fileEPSS 0.2%CVE-2024-7572HIGHInsufficient permissions in Ivanti DSM before version 2024.3.5740 allows a local authenticated attacker to delete arbitrary files.EPSS 0.2%CVE-2025-6995HIGHImproper Encryption in Ivanti Endpoint ManagerEPSS 0.2%CVE-2025-6996HIGHImproper Encryption in Ivanti Endpoint ManagerEPSS 0.2%CVE-2026-7431MEDIUMAn incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user toEPSS 0.2%CVE-2024-44105HIGHCleartext transmission of sensitive information in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allEPSS 0.2%

← previouspage 19 / 19next →