Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pulse secure desktop vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-8239
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 is vulnerable to the client registry privilege escalation attack. This fix also requires Server Side Upgrade due to Standalone Host Checker Client (Windows) and Windows PDC.
Pulsesecure Pulse Secure Desktop Client
Pulsesecure Pulse Secure Desktop Client 9.1
2 Github repositories
7.2
CVSSv2
CVE-2018-7572
Pulse Secure Client 9.0R1 and 5.3RX prior to 5.3R5, when configured to authenticate VPN users during Windows Logon, can allow malicious users to bypass Windows authentication and execute commands on the system with the privileges of Pulse Secure Client. The attacker must interrup...
Pulsesecure Pulse Secure Desktop 5.3r1.0
Pulsesecure Pulse Secure Desktop 5.3r1.1
Pulsesecure Pulse Secure Desktop 5.3r2.0
Pulsesecure Pulse Secure Desktop 5.3r3.0
Pulsesecure Pulse Secure Desktop 5.3r4.0
Pulsesecure Pulse Secure Desktop 5.3r4.1
Pulsesecure Pulse Secure Desktop 9.0r1.0
Pulsesecure Pulse Secure Desktop 5.3rx
Pulsesecure Pulse Secure Desktop 5.3r4.2
7.2
CVSSv2
CVE-2016-2408
Pulse Secure Desktop prior to 5.2R2 and Pulse Secure Installer Service prior to 8.2R2 and below for Windows allow restricted users to gain privileges via unspecified vectors.
Pulsesecure Standalone Pulse Installer Service 7.4r1.0
Pulsesecure Standalone Pulse Installer Service 7.4r9.0
Pulsesecure Standalone Pulse Installer Service 7.4r9.1
Pulsesecure Standalone Pulse Installer Service 7.4r13.0
Pulsesecure Standalone Pulse Installer Service 7.4r13.1
Pulsesecure Standalone Pulse Installer Service 8.1r2.0
Pulsesecure Standalone Pulse Installer Service 8.1r1.0
Pulsesecure Standalone Pulse Installer Service 8.1r6.0
Pulsesecure Standalone Pulse Installer Service 8.1r7.0
Pulsesecure Standalone Pulse Installer Service 8.0r3.1
Pulsesecure Standalone Pulse Installer Service 8.0r3.2
Pulsesecure Standalone Pulse Installer Service 8.0r8.0
Pulsesecure Standalone Pulse Installer Service 8.0r8.1
Pulsesecure Standalone Pulse Installer Service 8.0r15.0
Pulsesecure Standalone Pulse Installer Service 8.2r1.1
Pulsesecure Pulse Secure Security 8.1r2.0
Pulsesecure Pulse Secure Security 8.1r2.1
Pulsesecure Pulse Secure Security 8.1r6.0
Pulsesecure Pulse Secure Security 8.1r7.0
Pulsesecure Pulse Secure Security 8.1r8.0
Pulsesecure Pulse Secure Security 8.0r3.2
Pulsesecure Pulse Secure Security 8.0r4.0
6.9
CVSSv2
CVE-2020-8240
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 allows a restricted user on an endpoint machine can use system-level privileges if the Embedded Browser is configured with Credential Provider. This vulnerability only affects Windows PDC if the Embedded Browser is con...
Pulsesecure Pulse Secure Desktop Client
Pulsesecure Pulse Secure Desktop Client 9.1
6.9
CVSSv2
CVE-2020-13162
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions before 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges.
Pulsesecure Pulse Secure Desktop Client 9.1
Pulsesecure Pulse Secure Desktop Client 9.0
Pulsesecure Pulse Secure Desktop Client 5.3
Pulsesecure Pulse Secure Installer Service 8.3
Pulsesecure Pulse Secure Installer Service 9.1
1 Github repository
6.8
CVSSv2
CVE-2020-8254
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. This vulnerability only affects Windows PDC.To improve the security of connections between Pulse clients and Pulse Connect Sec...
Pulsesecure Pulse Secure Desktop Client
Pulsesecure Pulse Secure Desktop Client 9.1
1 Github repository
6.8
CVSSv2
CVE-2019-11213
In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. (The endpoint would need to be already compromised for explo...
Pulsesecure Pulse Secure Desktop Client
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure
6.5
CVSSv2
CVE-2020-8260
A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated malicious user to perform an arbitrary code execution using uncontrolled gzip extraction.
Pulsesecure Pulse Secure Desktop Client
Pulsesecure Pulse Secure Desktop Client 9.1
1 Article
6.4
CVSSv2
CVE-2018-6374
The GUI component (aka PulseUI) in Pulse Secure Desktop Linux clients before PULSE5.2R9.2 and 5.3.x before PULSE5.3R4.2 does not perform strict SSL Certificate Validation. This can lead to the manipulation of the Pulse Connection set.
Pulsesecure Desktop Linux Client
5.8
CVSSv2
CVE-2020-15408
An issue exists in Pulse Secure Pulse Connect Secure prior to 9.1R8. An authenticated attacker can access the admin page console via the end-user web interface because of a rewrite.
Pulsesecure Pulse Connect Secure
Pulsesecure Pulse Secure Desktop Client 9.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »