Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Ivanti — Vulnerabilities & Security Advisories 363

Browse all 363 CVE security advisories affecting Ivanti. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Ivanti provides enterprise IT service management and endpoint management solutions, primarily facilitating workflow automation and device control for large organizations. The company’s software portfolio has historically been a significant target for attackers, resulting in a substantial record of 358 Common Vulnerabilities and Exposures. These security flaws frequently involve critical classes such as remote code execution, cross-site scripting, and privilege escalation, often stemming from complex integrations within its service management platforms. A notable incident occurred in 2021 when the SambaCry vulnerability allowed unauthenticated remote code execution, compromising thousands of systems globally. This event underscored the risks associated with legacy codebases and insufficient patch management cycles. Consequently, Ivanti has faced intense scrutiny regarding its development practices and incident response capabilities, prompting industry-wide recommendations for immediate isolation and rigorous vulnerability scanning of affected endpoints to mitigate potential data breaches and operational disruptions.

Top products by Ivanti: Avalanche Endpoint Manager Connect Secure EPM Endpoint Manager Mobile Secure Access Client EPMM Workspace Control CSA (Cloud Services Appliance) ICS Cloud Services Application ITSM Wavelink DSM Sentry Desktop and Server Management Neurons for ITSM (On-Premise) MobileIron Core Ivanti Endpoint Manager Secure Access Linux Secure Access Client Windows Automation Desktop & Server Management (DSM) Connect Secure 22.7R2.9 Connect Secure before Virtual Application Delivery ControllerCWE-862 Policy Secure Neurons for ITSM (on-prem) LANDesk Management Suite Security Controls
CVE IDTitleCVSSSeverityPublished
CVE-2025-62392 Ivanti Endpoint Manager SQL注入漏洞 — Endpoint ManagerCWE-89 6.5 Medium2025-10-13
CVE-2025-11623 Ivanti Endpoint Manager SQL注入漏洞 — Endpoint ManagerCWE-89 6.5 Medium2025-10-13
CVE-2025-9713 Ivanti Endpoint Manager 路径遍历漏洞 — Endpoint ManagerCWE-22 8.8 High2025-10-13
CVE-2025-11622 Ivanti Endpoint Manager 代码问题漏洞 — Endpoint ManagerCWE-502 7.8 High2025-10-13
CVE-2025-55144 Ivanti多款产品 安全漏洞 — Connect SecureCWE-862 5.4 Medium2025-09-09
CVE-2025-55143 Ivanti多款产品 跨站脚本漏洞 — Connect SecureCWE-79 6.1 Medium2025-09-09
CVE-2025-55142 Ivanti多款产品 安全漏洞 — Connect SecureCWE-862 8.8 High2025-09-09
CVE-2025-55141 Ivanti多款产品 安全漏洞 — Connect SecureCWE-862 8.8 High2025-09-09
CVE-2025-55139 Ivanti多款产品 代码问题漏洞 — Connect SecureCWE-918 6.8 Medium2025-09-09
CVE-2025-55148 Ivanti多款产品 安全漏洞 — Connect SecureCWE-862 7.6 High2025-09-09
CVE-2025-55147 Ivanti多款产品 跨站请求伪造漏洞 — Connect SecureCWE-352 8.8 High2025-09-09
CVE-2025-55146 Ivanti多款产品 安全漏洞 — Connect SecureCWE-252 4.9 Medium2025-09-09
CVE-2025-55145 Ivanti多款产品 安全漏洞 — Connect Secure 22.7R2.9CWE-862 8.9 High2025-09-09
CVE-2025-8711 Ivanti多款产品 跨站请求伪造漏洞 — Connect SecureCWE-352 5.4 Medium2025-09-09
CVE-2025-8712 Ivanti多款产品 安全漏洞 — Connect Secure beforeCWE-862 5.4 Medium2025-09-09
CVE-2025-9872 Ivanti Endpoint Manager 安全漏洞 — Endpoint ManagerCWE-434 8.8 High2025-09-09
CVE-2025-9712 Ivanti Endpoint Manager 安全漏洞 — Endpoint ManagerCWE-434 8.8 High2025-09-09
CVE-2025-5468 Ivanti多款产品 安全漏洞 — Connect SecureCWE-61 5.5 Medium2025-08-12
CVE-2025-5466 Ivanti多款产品 安全漏洞 — Connect SecureCWE-776 4.9 Medium2025-08-12
CVE-2025-5462 Ivanti多款产品 安全漏洞 — Connect SecureCWE-122 7.5 High2025-08-12
CVE-2025-5456 Ivanti多款产品 缓冲区错误漏洞 — Connect SecureCWE-125 7.5 High2025-08-12
CVE-2025-8310 Ivanti Virtual Application Delivery Controller 安全漏洞 — Virtual Application Delivery ControllerCWE-862CWE-862 6.5 Medium2025-08-12
CVE-2025-8297 Ivanti Avalanche 代码问题漏洞 — AvalancheCWE-434 7.2 High2025-08-12
CVE-2025-8296 Ivanti Avalanche SQL注入漏洞 — AvalancheCWE-89 7.2 High2025-08-12
CVE-2023-39339 Ivanti Policy Secure 安全漏洞 — Policy Secure 4.9AIMediumAI2025-07-12
CVE-2024-38648 Ivanti Desktop and Server Management 安全漏洞 — DSM 5.7AIMediumAI2025-07-12
CVE-2023-38036 Ivanti Avalanche Manager 安全漏洞 — Avalanche 9.8AICriticalAI2025-07-12
CVE-2023-39338 Ivanti Sentry 安全漏洞 — Sentry 6.5AIMediumAI2025-07-12
CVE-2025-6771 OS command injection in Ivanti Endpoint Manager — Endpoint Manager MobileCWE-78 7.2 High2025-07-08
CVE-2025-0292 Ivanti Connect Secure和Ivanti Policy Secure 代码问题漏洞 — Connect SecureCWE-918 5.5 Medium2025-07-08

This page lists every published CVE security advisory associated with Ivanti. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.