VDB
GCVE-110-NCSC-2025-253
GCVE-110-NCSC-2025-253
Advisory PublishedCVSS 7.5/10
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Weaknesses (CWE)
CWE-125Out-of-bounds ReadCWE-122Heap-based Buffer OverflowCWE-776Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')CWE-61UNIX Symbolic Link (Symlink) Following
Risk Scores
CVSS 3.1
7.5/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Ivanti | vers:unknown/22.7r2.8 | — | — |
| Ivanti | vers:unknown/2.8r2.3-723 | — | — |
| Ivanti | vers:unknown/22.8r2.3-723 | — | — |
| Ivanti | vers:unknown/<22.7r1.5 | — | — |
| Ivanti | vers:unknown/22.7r1.5 | — | — |
| Ivanti | vers:unknown/<22.8r2 | — | — |
| Ivanti | vers:unknown/22.8r2 | — | — |
| Ivanti | vers:unknown/22.8r1.4(fixdeployedon02-aug-2025) | — | — |
| Ivanti | vers:unknown/<22.7r2.8 | — | — |
Browse GCVE Records
72,409 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.