Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
1 CRITICAL7 HIGH12 MEDIUM
CVE-2026-1602
MEDIUM CVSS 6.5
Find Similar
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
ivanti
NVD RRF 0.016
CVE-2025-62392
MEDIUM CVSS 6.5
Find Similar
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
ivanti
NVD RRF 0.016
CVE-2025-62391
MEDIUM CVSS 6.5
Find Similar
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
ivanti
NVD RRF 0.016
CVE-2025-62390
MEDIUM CVSS 6.5
Find Similar
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
ivanti
NVD RRF 0.016
CVE-2025-62389
MEDIUM CVSS 6.5
Find Similar
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
ivanti
NVD RRF 0.015
CVE-2025-62388
MEDIUM CVSS 6.5
Find Similar
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
ivanti
NVD RRF 0.015
CVE-2025-62387
MEDIUM CVSS 6.5
Find Similar
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
ivanti
NVD RRF 0.015
CVE-2025-62386
MEDIUM CVSS 6.5
Find Similar
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
ivanti
NVD RRF 0.015
CVE-2025-62385
MEDIUM CVSS 6.5
Find Similar
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
ivanti
NVD RRF 0.014
CVE-2025-62384
MEDIUM CVSS 6.5
Find Similar
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
ivanti
NVD RRF 0.014
CVE-2025-62383
MEDIUM CVSS 6.5
Find Similar
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
ivanti
NVD RRF 0.014
CVE-2025-11623
MEDIUM CVSS 6.5
Find Similar
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
ivanti
NVD RRF 0.014
CVE-2025-7037
HIGH CVSS 7.2
Find Similar
SQL injection in Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a remote authenticated attacker with admin privileges to read arbitrary data from the database
ivanti
NVD RRF 0.014
CVE-2025-22461
HIGH CVSS 7.2
Find Similar
SQL injection in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote authenticated attacker with admin privileges to achieve code execution.
ivanti
NVD RRF 0.014
CVE-2026-8111
HIGH CVSS 8.8
Find Similar
SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution.
ivanti
NVD RRF 0.013
CVE-2024-8191
CRITICAL CVSS 9.8
Find Similar
SQL injection in the management console of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution.
ivanti
NVD RRF 0.013
CVE-2024-34785
HIGH CVSS 7.2
Find Similar
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
ivanti
NVD RRF 0.013
CVE-2024-34783
HIGH CVSS 7.2
Find Similar
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
ivanti
NVD RRF 0.013
CVE-2024-34779
HIGH CVSS 7.2
Find Similar
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
ivanti
NVD RRF 0.013
CVE-2024-32848
HIGH CVSS 7.2
Find Similar
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
ivanti
NVD RRF 0.013
Page 1+ Next →