Ivanti | KEV Database

CVE-2026-1281 CRITICAL

Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Ivanti Endpoint Manager Mobile (EPMM)

CVSS 9.8

Added Jan 29

CVE-2025-4427 MEDIUM

Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability

Ivanti Endpoint Manager Mobile (EPMM)

CVSS 5.3

Added May 19

CVE-2025-4428 HIGH

Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Ivanti Endpoint Manager Mobile (EPMM)

CVSS 7.2

Added May 19

CVE-2025-22457 CRITICAL Ransomware

Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability

Ivanti Connect Secure, Policy Secure, and ZTA Gateways

CVSS 9

Added Apr 04

CVE-2024-13159 CRITICAL

Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability

Ivanti Endpoint Manager (EPM)

CVSS 9.8

Added Mar 10

CVE-2024-13160 CRITICAL

Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability

Ivanti Endpoint Manager (EPM)

CVSS 9.8

Added Mar 10

CVE-2024-13161 CRITICAL

Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability

Ivanti Endpoint Manager (EPM)

CVSS 9.8

Added Mar 10

CVE-2025-0282 CRITICAL Ransomware

Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability

Ivanti Connect Secure, Policy Secure, and ZTA Gateways

CVSS 9

Added Jan 08

CVE-2024-9379 MEDIUM

Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability

Ivanti Cloud Services Appliance (CSA)

CVSS 6.5

Added Oct 09

CVE-2024-9380 HIGH

Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability

Ivanti Cloud Services Appliance (CSA)

CVSS 7.2

Added Oct 09

CVE-2024-29824 CRITICAL

Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability

Ivanti Endpoint Manager (EPM)

CVSS 9.6

Added Oct 02

CVE-2024-7593 CRITICAL

Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability

Ivanti Virtual Traffic Manager

CVSS 9.8

Added Sep 24

CVE-2024-8963 CRITICAL

Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability

Ivanti Cloud Services Appliance (CSA)

CVSS 9.4

Added Sep 19

CVE-2024-8190 HIGH

Ivanti Cloud Services Appliance OS Command Injection Vulnerability

Ivanti Cloud Services Appliance

CVSS 7.2

Added Sep 13

CVE-2021-44529 CRITICAL Ransomware

Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability

Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA)

CVSS 9.8

Added Mar 25

CVE-2024-21893 HIGH Ransomware

Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability

Ivanti Connect Secure, Policy Secure, and Neurons

CVSS 8.2

Added Jan 31

CVE-2023-35082 CRITICAL Ransomware

Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability

Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core

CVSS 10

Added Jan 18

CVE-2023-46805 HIGH Ransomware

Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability

Ivanti Connect Secure and Policy Secure

CVSS 8.2

Added Jan 10

CVE-2024-21887 CRITICAL Ransomware

Ivanti Connect Secure and Policy Secure Command Injection Vulnerability

Ivanti Connect Secure and Policy Secure

CVSS 9.1

Added Jan 10

CVE-2023-38035 CRITICAL Ransomware

Ivanti Sentry Authentication Bypass Vulnerability

Ivanti Sentry

CVSS 9.8

Added Aug 22

CVE-2023-35081 HIGH

Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability

Ivanti Endpoint Manager Mobile (EPMM)

CVSS 7.2

Added Jul 31

CVE-2023-35078 CRITICAL Ransomware

Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability

Ivanti Endpoint Manager Mobile (EPMM)

CVSS 10

Added Jul 25

CVE-2019-11510 CRITICAL Ransomware

Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability

Ivanti Pulse Connect Secure

CVSS 9.9

Added Nov 03

CVE-2019-11539 HIGH Ransomware

Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability

Ivanti Pulse Connect Secure and Pulse Policy Secure

CVSS 8

Added Nov 03

CVE-2020-15505 CRITICAL

Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability

Ivanti MobileIron Multiple Products

CVSS 9.8

Added Nov 03

CVE-2020-8243 HIGH

Ivanti Pulse Connect Secure Code Execution Vulnerability

Ivanti Pulse Connect Secure

CVSS 7.2

Added Nov 03

CVE-2020-8260 HIGH

Ivanti Pulse Connect Secure Code Execution Vulnerability

Ivanti Pulse Connect Secure

CVSS 7.2

Added Nov 03

CVE-2021-22893 CRITICAL Ransomware

Ivanti Pulse Connect Secure Use-After-Free Vulnerability

Ivanti Pulse Connect Secure

CVSS 10

Added Nov 03

CVE-2021-22894 HIGH

Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability

Ivanti Pulse Connect Secure

CVSS 8.8

Added Nov 03

CVE-2021-22899 HIGH

Ivanti Pulse Connect Secure Command Injection Vulnerability

Ivanti Pulse Connect Secure

CVSS 8.8

Added Nov 03

CVE-2021-22900 HIGH

Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability

Ivanti Pulse Connect Secure

CVSS 7.2

Added Nov 03

By Vendor

By Product

Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability

Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability

Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability

Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability

Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability

Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability

Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability

Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability

Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability

Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability

Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability

Ivanti Cloud Services Appliance OS Command Injection Vulnerability

Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability

Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability

Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability

Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability

Ivanti Connect Secure and Policy Secure Command Injection Vulnerability

Ivanti Sentry Authentication Bypass Vulnerability

Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability

Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability

Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability

Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability

Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability

Ivanti Pulse Connect Secure Code Execution Vulnerability

Ivanti Pulse Connect Secure Code Execution Vulnerability

Ivanti Pulse Connect Secure Use-After-Free Vulnerability

Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability

Ivanti Pulse Connect Secure Command Injection Vulnerability

Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability