Browse all 363 CVE security advisories affecting Ivanti. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Ivanti provides enterprise IT service management and endpoint management solutions, primarily facilitating workflow automation and device control for large organizations. The company’s software portfolio has historically been a significant target for attackers, resulting in a substantial record of 358 Common Vulnerabilities and Exposures. These security flaws frequently involve critical classes such as remote code execution, cross-site scripting, and privilege escalation, often stemming from complex integrations within its service management platforms. A notable incident occurred in 2021 when the SambaCry vulnerability allowed unauthenticated remote code execution, compromising thousands of systems globally. This event underscored the risks associated with legacy codebases and insufficient patch management cycles. Consequently, Ivanti has faced intense scrutiny regarding its development practices and incident response capabilities, prompting industry-wide recommendations for immediate isolation and rigorous vulnerability scanning of affected endpoints to mitigate potential data breaches and operational disruptions.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-10251 | Ivanti Security Control 安全漏洞 — Security ControlsCWE-276 | 7.8 | High | 2024-12-11 |
This page lists every published CVE security advisory associated with Ivanti. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.