Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

orange tsai vulnerabilities and exploits

(subscribe to this query)
6.1
CVSSv3
CVE-2019-11507
In Pulse Secure Pulse Connect Secure (PCS) 8.3.x prior to 8.3R7.1 and 9.0.x prior to 9.0R3, an XSS issue has been found on the Application Launcher page.
Ivanti Connect Secure 9.0Ivanti Connect Secure 8.3
7.2
CVSSv3
CVE-2019-11508
In Pulse Secure Pulse Connect Secure (PCS) prior to 8.1R15.1, 8.2 prior to 8.2R12.1, 8.3 prior to 8.3R7.1, and 9.0 prior to 9.0R3.4, an authenticated attacker (via the admin web interface) can exploit Directory Traversal to execute arbitrary code on the appliance.
Pulsesecure Pulse Connect Secure 7.4Ivanti Connect Secure 9.0Ivanti Connect Secure 8.1Ivanti Connect Secure 8.2Ivanti Connect Secure 8.3Ivanti Connect Secure 7.1Ivanti Connect Secure 7.4
7.7
CVSSv3
CVE-2019-11538
In Pulse Secure Pulse Connect Secure version 9.0RX prior to 9.0R3.4, 8.3RX prior to 8.3R7.1, 8.2RX prior to 8.2R12.1, and 8.1RX prior to 8.1R15.1, an NFS problem could allow an authenticated malicious user to access the contents of arbitrary files on the affected device.
Ivanti Connect Secure 9.0Ivanti Connect Secure 8.1Ivanti Connect Secure 8.2Ivanti Connect Secure 8.3
9.8
CVSSv3
CVE-2019-11540
In Pulse Secure Pulse Connect Secure version 9.0RX prior to 9.0R3.4 and 8.3RX prior to 8.3R7.1 and Pulse Policy Secure version 9.0RX prior to 9.0R3.2 and 5.4RX prior to 5.4R7.1, an unauthenticated, remote attacker can conduct a session hijacking attack.
Pulsesecure Pulse Policy Secure 5.4r1Pulsesecure Pulse Policy Secure 5.4r2Pulsesecure Pulse Policy Secure 5.4r2.1Pulsesecure Pulse Policy Secure 5.4r3Pulsesecure Pulse Policy Secure 5.4rxPulsesecure Pulse Connect Secure 8.3rxPulsesecure Pulse Policy Secure 5.4r4Pulsesecure Pulse Policy Secure 5.4r5Pulsesecure Pulse Policy Secure 5.4r5.2Pulsesecure Pulse Policy Secure 5.4r6Pulsesecure Pulse Policy Secure 5.4r6.1Pulsesecure Pulse Policy Secure 5.4r7Pulsesecure Pulse Policy Secure 9.0r1Pulsesecure Pulse Policy Secure 9.0r2Pulsesecure Pulse Policy Secure 9.0r2.1Pulsesecure Pulse Policy Secure 9.0r3Pulsesecure Pulse Policy Secure 9.0r3.1Pulsesecure Pulse Policy Secure 9.0rxPulsesecure Pulse Connect Secure 9.0r1Pulsesecure Pulse Connect Secure 9.0r2Pulsesecure Pulse Connect Secure 9.0r2.1Pulsesecure Pulse Connect Secure 9.0r3
7.5
CVSSv3
CVE-2019-11541
In Pulse Secure Pulse Connect Secure version 9.0RX prior to 9.0R3.4, 8.3RX prior to 8.3R7.1, and 8.2RX prior to 8.2R12.1, users using SAML authentication with the Reuse Existing NC (Pulse) Session option may see authentication leaks.
Pulsesecure Pulse Connect Secure 8.2r1.1Pulsesecure Pulse Connect Secure 8.2r2.0Pulsesecure Pulse Connect Secure 8.2r4.0Pulsesecure Pulse Connect Secure 8.2r5.0Pulsesecure Pulse Connect Secure 8.2r1.0Pulsesecure Pulse Connect Secure 8.2r4.1Pulsesecure Pulse Connect Secure 8.2r3.1Pulsesecure Pulse Connect Secure 8.2r3.0Pulsesecure Pulse Connect Secure 8.3rxPulsesecure Pulse Connect Secure 9.0r1Pulsesecure Pulse Connect Secure 9.0r2Pulsesecure Pulse Connect Secure 9.0r2.1Pulsesecure Pulse Connect Secure 9.0r3Pulsesecure Pulse Connect Secure 9.0r3.1Pulsesecure Pulse Connect Secure 9.0r3.2Pulsesecure Pulse Connect Secure 9.0rxPulsesecure Pulse Connect Secure 8.2r5.1Pulsesecure Pulse Connect Secure 8.2r6.0Pulsesecure Pulse Connect Secure 8.2r7.0Pulsesecure Pulse Connect Secure 8.2r7.1Pulsesecure Pulse Connect Secure 8.2rxIvanti Connect Secure 8.2
6.1
CVSSv3
CVE-2019-11543
XSS exists in the admin web console in Pulse Secure Pulse Connect Secure (PCS) 9.0RX prior to 9.0R3.4, 8.3RX prior to 8.3R7.1, and 8.1RX prior to 8.1R15.1 and Pulse Policy Secure 9.0RX prior to 9.0R3.2, 5.4RX prior to 5.4R7.1, and 5.2RX prior to 5.2R12.1.
Pulsesecure Pulse Policy Secure 5.2r7.0Pulsesecure Pulse Connect Secure 8.1r1.0Pulsesecure Pulse Policy Secure 5.2r2.0Pulsesecure Pulse Policy Secure 5.2r7.1Pulsesecure Pulse Policy Secure 5.2r4.0Pulsesecure Pulse Policy Secure 5.2r3.2Pulsesecure Pulse Policy Secure 5.2r1.0Pulsesecure Pulse Policy Secure 5.2r5.0Pulsesecure Pulse Policy Secure 5.2r6.0Pulsesecure Pulse Policy Secure 5.2r8.0Pulsesecure Pulse Policy Secure 5.2r3.0Pulsesecure Pulse Policy Secure 5.4r1Pulsesecure Pulse Policy Secure 5.4r2Pulsesecure Pulse Policy Secure 5.4r2.1Pulsesecure Pulse Policy Secure 5.4r3Pulsesecure Pulse Policy Secure 5.4rxPulsesecure Pulse Policy Secure 5.2r9.0Pulsesecure Pulse Policy Secure 5.2r9.1Pulsesecure Pulse Policy Secure 5.2rxPulsesecure Pulse Connect Secure 8.3rxPulsesecure Pulse Connect Secure 8.1rxPulsesecure Pulse Policy Secure 5.2r10.0
8.8
CVSSv3
CVE-2021-44142
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions before 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow ou...
Samba SambaDebian Debian Linux 10.0Debian Debian Linux 11.0Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 20.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 21.10Synology Diskstation ManagerFedoraproject Fedora 34Fedoraproject Fedora 35Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux For Scientific Computing 7.0Redhat Enterprise Linux 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux Resilient Storage 7.0Redhat Enterprise Linux For Power Little Endian 7.0Redhat Enterprise Linux For Power Big Endian 7.0Redhat Enterprise Linux For Ibm Z Systems 7.0Redhat Virtualization Host 4.0Redhat Enterprise Linux 8.0
8.8
CVSSv3
CVE-2019-11509
In Pulse Secure Pulse Connect Secure (PCS) prior to 8.1R15.1, 8.2 prior to 8.2R12.1, 8.3 prior to 8.3R7.1, and 9.0 prior to 9.0R3.4 and Pulse Policy Secure (PPS) prior to 5.1R15.1, 5.2 prior to 5.2R12.1, 5.3 prior to 5.3R15.1, 5.4 prior to 5.4R7.1, and 9.0 prior to 9.0R3.2, an au...
Ivanti Connect Secure 9.0Ivanti Connect Secure 8.1Ivanti Connect Secure 8.2Ivanti Connect Secure 8.3Pulsesecure Pulse Policy Secure 5.2Pulsesecure Pulse Policy Secure 5.4Ivanti Policy Secure 9.0
10
CVSSv3
CVE-2019-11510
In Pulse Secure Pulse Connect Secure (PCS) 8.2 prior to 8.2R12.1, 8.3 prior to 8.3R7.1, and 9.0 prior to 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability .
Ivanti Connect Secure 9.0Ivanti Connect Secure 8.2Ivanti Connect Secure 8.3
7.2
CVSSv3
CVE-2019-11542
In Pulse Secure Pulse Connect Secure version 9.0RX prior to 9.0R3.4, 8.3RX prior to 8.3R7.1, 8.2RX prior to 8.2R12.1, and 8.1RX prior to 8.1R15.1 and Pulse Policy Secure version 9.0RX prior to 9.0R3.2, 5.4RX prior to 5.4R7.1, 5.3RX prior to 5.3R12.1, 5.2RX prior to 5.2R12.1, and ...
Pulsesecure Pulse Connect Secure 8.2r1.1Pulsesecure Pulse Policy Secure 5.1r5.0Pulsesecure Pulse Policy Secure 5.1r1.1Pulsesecure Pulse Policy Secure 5.1r2.0Pulsesecure Pulse Policy Secure 5.2r7.0Pulsesecure Pulse Policy Secure 5.3r7.0Pulsesecure Pulse Policy Secure 5.3r4.1Pulsesecure Pulse Policy Secure 5.3r2.0Pulsesecure Pulse Policy Secure 5.3r3.0Pulsesecure Pulse Policy Secure 5.3r1.0Pulsesecure Pulse Policy Secure 5.1r2.1Pulsesecure Pulse Policy Secure 5.1r1.0Pulsesecure Pulse Connect Secure 8.2r2.0Pulsesecure Pulse Connect Secure 8.1r1.0Pulsesecure Pulse Connect Secure 8.2r4.0Pulsesecure Pulse Policy Secure 5.2r2.0Pulsesecure Pulse Policy Secure 5.1r7.0Pulsesecure Pulse Policy Secure 5.3r5.1Pulsesecure Pulse Policy Secure 5.3r4.0Pulsesecure Pulse Policy Secure 5.1r3.2Pulsesecure Pulse Policy Secure 5.2r7.1Pulsesecure Pulse Policy Secure 5.1r3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook