Vulnerabilities > Ivanti > Endpoint Manager > 2021.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-05 | CVE-2022-35259 | XML Injection (aka Blind XPath Injection) vulnerability in Ivanti Endpoint Manager XML Injection with Endpoint Manager 2022. | 7.8 |
| 2022-09-23 | CVE-2022-30121 | Unspecified vulnerability in Ivanti Endpoint Manager The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. | 6.7 |