Ivanti

Endpoint Manager

115 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2024-13164

  • EPSS 0.13%
  • Veröffentlicht 14.01.2025 18:15:27
  • Zuletzt bearbeitet 11.07.2025 17:33:47

An uninitialized resource in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges.

7.5

CVE-2024-13165

  • EPSS 1.53%
  • Veröffentlicht 14.01.2025 18:15:27
  • Zuletzt bearbeitet 11.07.2025 17:33:37

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.

7.5

CVE-2024-13166

  • EPSS 2.14%
  • Veröffentlicht 14.01.2025 18:15:27
  • Zuletzt bearbeitet 11.07.2025 17:33:31

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.

7.5

CVE-2024-13167

  • EPSS 1.53%
  • Veröffentlicht 14.01.2025 18:15:27
  • Zuletzt bearbeitet 11.07.2025 17:33:28

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.

7.2

CVE-2024-13158

  • EPSS 24.25%
  • Veröffentlicht 14.01.2025 18:15:26
  • Zuletzt bearbeitet 12.08.2025 15:58:51

An unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

7.5

CVE-2024-13159

Warnung Exploit
  • EPSS 93.96%
  • Veröffentlicht 14.01.2025 18:15:26
  • Zuletzt bearbeitet 24.10.2025 14:48:54

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.

7.5

CVE-2024-13160

Warnung Exploit
  • EPSS 93.81%
  • Veröffentlicht 14.01.2025 18:15:26
  • Zuletzt bearbeitet 24.10.2025 14:48:51

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.

7.5

CVE-2024-13161

Warnung Exploit
  • EPSS 91.32%
  • Veröffentlicht 14.01.2025 18:15:26
  • Zuletzt bearbeitet 24.10.2025 14:48:48

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.

7.2

CVE-2024-13162

  • EPSS 43.76%
  • Veröffentlicht 14.01.2025 18:15:26
  • Zuletzt bearbeitet 11.07.2025 17:33:21

SQL injection in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. This CVE addresses incomplete fixes from...

7.5

CVE-2024-10811

Exploit
  • EPSS 4.65%
  • Veröffentlicht 14.01.2025 17:15:14
  • Zuletzt bearbeitet 17.06.2025 21:07:03

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.