Known vulnerabilities in Ivanti Ivanti Connect Secure (formerly Pulse Connect Secure)

Vendor: Ivanti
Website: https://www.ivanti.com/
Total Security Bulletins: 40

Security bulletins (40)

Secuity bulletin Severity Status Published
SB2025090963: Multiple vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure Medium
Patched
09.09.2025
SB2025081240: Multiple vulnerabilities in Ivanti Connect Secure and Policy Secure Medium
Patched
12.08.2025
SB2025070874: Multiple vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure Medium
Patched
08.07.2025
SB20250403123: Remote unauthenticated code execution in Ivanti Connect Secure Critical
Patched Exploited
03.04.2025
SB2025021312: Multiple vulnerabilities in Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS) and Ivanti Secure Access Client (ISAC) Medium
Patched
13.02.2025
SB2025021311: Use of Hard-coded Cryptographic Key in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) Low
Patched
13.02.2025
SB2025021310: Multiple vulnerabilities in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) Low
Patched
13.02.2025
SB2025010871: Multiple vulnerabilities in Ivanti Connect Secure Critical
Patched Exploited
08.01.2025
SB2024121176: Privilege escalation in Ivanti Connect Secure and Ivanti Policy Secure Low
Patched
11.12.2024
SB2024121175: Multiple vulnerabilities in Ivanti Connect Secure Medium
Patched
11.12.2024
SB2024121174: Heap-based buffer overflow in Ivanti Connect Secure IPsec Medium
Patched
11.12.2024
SB2024121173: Denial of service in Ivanti Connect Secure IPsec Medium
Patched
11.12.2024
SB2024111422: Multiple vulnerabilities in Ivanti Connect Secure and Policy Secure Medium
Patched
14.11.2024
SB2024101122: CRLF injection in Ivanti Connect Secure and Policy Secure Low
Patched Public exploit
11.10.2024
SB2024052216: CRLF injection in Ivanti Connect Secure and Ivanti Policy Secure Low
Patched
22.05.2024
SB2024040440: Multiple vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways High
Patched
04.04.2024
SB2024020906: XXE in Ivanti Connect Secure and Policy Secure High
Patched Exploited
09.02.2024
SB2024011081: Multiple vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways Critical
Patched Exploited
10.01.2024
SB2022092731: HTTP request smuggling in Pulse Connect Secure Medium
Patched
27.09.2022
SB2021102201: Denial of service in Pulse Connect Secure Medium
Patched
22.10.2021


Showing elements 1 - 20 out of 40