Vulnerabilities > Ivanti

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-30	CVE-2020-8204	Cross-site Scripting vulnerability in multiple products A cross site scripting (XSS) vulnerability exists in Pulse Connect Secure <9.1R5 on the PSAL Page. network low complexity pulsesecure ivanti CWE-79	6.1
2020-07-27	CVE-2020-12880	An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. local low complexity pulsesecure ivanti	5.5
2020-05-18	CVE-2019-17066	Improper Privilege Management vulnerability in Ivanti Workspace Control In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. local low complexity ivanti CWE-269	7.8
2020-04-28	CVE-2020-12442	SQL Injection vulnerability in Ivanti Avalanche 6.3 Ivanti Avalanche 6.3 allows a SQL injection that is vaguely associated with the Apache HTTP Server, aka Bug 683250. network low complexity ivanti CWE-89 critical	9.8
2020-04-04	CVE-2020-11533	Unspecified vulnerability in Ivanti Workspace Control Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material). local low complexity ivanti	5.5
2020-03-19	CVE-2019-16382	Unspecified vulnerability in Ivanti Workspace Control 10.3.110.0 An issue was discovered in Ivanti Workspace Control 10.3.110.0. network low complexity ivanti critical	9.8
2019-12-17	CVE-2019-19675	Incorrect Default Permissions vulnerability in Ivanti Workspace Control In Ivanti Workspace Control before 10.3.180.0. local low complexity ivanti CWE-276	7.8
2019-07-11	CVE-2019-10651	Unspecified vulnerability in Ivanti Endpoint Manager 2017.3/2018.1/2018.3 An issue was discovered in the Core Server in Ivanti Endpoint Manager (EPM) 2017.3 before SU7 and 2018.x before 2018.3 SU3, with remote code execution. network low complexity ivanti critical	9.8
2019-06-28	CVE-2018-20814	Cross-site Scripting vulnerability in multiple products An XSS issue was found with Psaldownload.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.3R2 before 8.3R2 and Pulse Policy Secure (PPS) 5.4RX before 5.4R2. network low complexity pulsesecure ivanti CWE-79	6.1
2019-06-28	CVE-2018-20813	Improper Input Validation vulnerability in Ivanti Connect Secure 8.3 An input validation issue has been found with login_meeting.cgi in Pulse Secure Pulse Connect Secure 8.3RX before 8.3R2. network low complexity ivanti CWE-20 critical	9.8

Vulnerabilities > Ivanti {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Ivanti"}]}

Vulnerabilities > Ivanti