CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

ivanti

neurons_for_zero-trust_access

5 known vulnerabilities · sorted by CVSS score

CVE-2025-0282

CRITICAL9.0

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.

ivanti / connect_secure+10

Network

Published Jan 8, 2025

CVE-2024-21893

HIGH8.2

A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.

ivanti / connect_secure+117

Network

Published Jan 31, 2024

CVE-2022-35258

HIGH7.5

An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1.

ivanti / connect_secure+75

Network

Published Dec 5, 2022

CVE-2022-35254

HIGH7.5

ivanti / connect_secure+75

Network

Published Dec 5, 2022

CVE-2025-0283

HIGH7.0

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges.

ivanti / connect_secure+82

Local

Published Jan 8, 2025