cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-28323,https://securityvulnerability.io/vulnerability/CVE-2023-28323,Privilege Escalation Vulnerability in EPM 2022 by Ivanti,"The vulnerability exists in EPM 2022 Su3 and all prior versions, allowing unauthenticated users to modify data through the deserialization of untrusted input. This flaw could enable attackers to elevate their privileges, potentially combining it with other operating system vulnerabilities to gain higher access rights on the machine. Furthermore, it can serve as a foothold for accessing other devices within the network, posing significant security risks.",Ivanti,Ivanti Endpoint Manager,9.8,CRITICAL,0.011640000157058239,false,,false,false,false,,,false,false,,2023-07-01T00:15:00.000Z,0
CVE-2023-28324,https://securityvulnerability.io/vulnerability/CVE-2023-28324,Improper Input Validation in Ivanti Endpoint Manager by Ivanti,"An improper input validation vulnerability exists in Ivanti Endpoint Manager, affecting versions released up to 2022. This security issue can be exploited by attackers to perform privilege escalation or execute remote code, potentially compromising the security of the affected systems. It is crucial for users of Ivanti Endpoint Manager to ensure that they apply the necessary patches to mitigate the risks associated with this vulnerability.",Ivanti,Ivanti Endpoint Manager,9.8,CRITICAL,0.04642999917268753,false,,false,false,false,,,false,false,,2023-07-01T00:15:00.000Z,0
CVE-2022-35259,https://securityvulnerability.io/vulnerability/CVE-2022-35259,XML Injection Vulnerability in Ivanti Endpoint Manager,"The vulnerability in Ivanti Endpoint Manager allows an attacker to exploit XML Injection, enabling them to trigger a download of malicious files. When executed, these files could potentially allow unauthorized privileges, posing significant security risks. Users of Ivanti Endpoint Manager 2022.3 and earlier versions should take immediate action to mitigate this security flaw.",Ivanti,Ivanti Endpoint Manager,7.8,HIGH,0.0006200000061653554,false,,false,false,false,,,false,false,,2022-12-05T00:00:00.000Z,0
CVE-2022-30121,https://securityvulnerability.io/vulnerability/CVE-2022-30121,Privilege Escalation Vulnerability in LANDesk Management Agent by Ivanti,"The LANDesk Management Agent service has a vulnerability that permits connected users to execute commands limited to signed executables. This flaw can be exploited by a user with standard privileges, granting potential unauthorized escalation of privileges on the affected system. This raises significant security concerns, as it may allow for restricted access to sensitive functionalities within the environment.",Ivanti,Ivanti Endpoint Manager,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-09-23T13:37:51.000Z,0