Known Vulnerabilities for products from Ivanti

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Ivanti".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-4914 json Not Provided 2026-04-14 2026-04-14
CVE-2026-4913 json Not Provided 2026-04-14 2026-04-14
CVE-2026-1340 json A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution. Not Provided 2026-01-29 2026-04-09
CVE-2024-21893 json 8.2 - HIGH 2024-01-31 2024-02-01
CVE-2024-21888 json 8.8 - HIGH 2024-01-31 2024-01-31
CVE-2024-21887 json 9.1 - CRITICAL 2024-01-12 2024-01-22
CVE-2023-46808 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 9.9 - CRITICAL 2024-03-31 2024-04-01
CVE-2023-41726 json Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability 7.8 - HIGH 2023-11-03 2023-11-09
CVE-2023-41725 json Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability 7.8 - HIGH 2023-11-03 2023-11-09
CVE-2023-41724 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 8.8 - HIGH 2024-03-31 2024-04-01
CVE-2023-41720 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 7.8 - HIGH 2023-12-14 2024-03-26
CVE-2023-41719 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 7.2 - HIGH 2023-12-14 2024-03-26
CVE-2023-41474 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 6.5 - MEDIUM 2024-01-25 2024-01-31
CVE-2023-39340 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 7.5 - HIGH 2023-12-16 2024-03-26
CVE-2023-38344 json An issue was discovered in Ivanti Endpoint Manager before 2022 SU4. A file disclosure vulnerability exists in the GetFileCont... 6.5 - MEDIUM 2023-09-21 2023-09-25
CVE-2023-38343 json An XXE (XML external entity injection) vulnerability exists in the CSEP component of Ivanti Endpoint Manager before 2022 SU4.... 7.5 - HIGH 2023-09-21 2023-09-25
CVE-2023-38041 json A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a partic... 7 - HIGH 2023-10-25 2023-10-31
CVE-2023-38035 json A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attac... 9.8 - CRITICAL 2023-08-21 2023-09-13
CVE-2023-35084 json Unsafe Deserialization of User Input could lead to Execution of Unauthorized Operations in Ivanti Endpoint Manager 2022 su3 a... 9.8 - CRITICAL 2023-10-18 2023-10-25
CVE-2023-35083 json Allows an authenticated attacker with network access to read arbitrary files on Endpoint Manager recently discovered on 2022 ... 6.5 - MEDIUM 2023-10-18 2023-10-25
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Ivanti

Type Vendor Product Version
ApplicationIvantiAvalanche4.6
ApplicationIvantiDesktopampserver Management2019.1
ApplicationIvantiDsm Netinst5.1
ApplicationIvantiEndpoint Manager2016.4
ApplicationIvantiLandesk Management Suite10.0.1.168
ApplicationIvantiService Manager Heat Remote Control7.4
ApplicationIvantiWorkspace Control10.1.0.0