Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Endpoint_manager
(Ivanti)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 51 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-05-31 | CVE-2024-29825 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | Endpoint_manager | 8.8 | ||
| 2024-05-31 | CVE-2024-29826 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | Endpoint_manager | 8.8 | ||
| 2024-05-31 | CVE-2024-29827 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | Endpoint_manager | 8.8 | ||
| 2024-05-31 | CVE-2024-29828 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | Endpoint_manager | 8.0 | ||
| 2024-05-31 | CVE-2024-29829 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | Endpoint_manager | 8.0 | ||
| 2024-05-31 | CVE-2024-29830 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | Endpoint_manager | 8.0 | ||
| 2024-05-31 | CVE-2024-29846 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | Endpoint_manager | 8.0 | ||
| 2024-11-12 | CVE-2024-50322 | Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required. | Endpoint_manager | 7.8 | ||
| 2024-11-12 | CVE-2024-50323 | SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required. | Endpoint_manager | 7.8 | ||
| 2024-11-12 | CVE-2024-50324 | Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | Endpoint_manager | 7.2 |