Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pulsesecure vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-22899
A command injection vulnerability exists in Pulse Connect Secure prior to 9.1R11.4 allows a remote authenticated malicious user to perform remote code execution via Windows Resource Profiles Feature
Pulsesecure Pulse Connect Secure 9.0rx
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Ivanti Connect Secure 9.0
6.5
CVSSv2
CVE-2021-22900
A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure prior to 9.1R11.4 that could lead to an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Ivanti Connect Secure 9.0
9
CVSSv2
CVE-2021-22908
A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user. As of version 9.1R3, this permission is not enabled by default.
Pulsesecure Pulse Connect Secure 9.0rx
Ivanti Connect Secure 9.1
Ivanti Connect Secure 9.0
5
CVSSv2
CVE-2021-31922
An HTTP Request Smuggling vulnerability in Pulse Secure Virtual Traffic Manager prior to 21.1 could allow an malicious user to smuggle an HTTP request through an HTTP/2 Header. This vulnerability is resolved in 21.1, 20.3R1, 20.2R1, 20.1R2, 19.2R4, and 18.2R3.
Pulsesecure Virtual Traffic Manager 20.2
Pulsesecure Virtual Traffic Manager 20.3
Pulsesecure Virtual Traffic Manager 19.2
Pulsesecure Virtual Traffic Manager 20.1
Pulsesecure Virtual Traffic Manager 19.3
Pulsesecure Virtual Traffic Manager
Pulsesecure Virtual Traffic Manager 18.2
2.1
CVSSv2
CVE-2021-22887
A vulnerability in the BIOS of Pulse Secure (PSA-Series Hardware) models PSA5000 and PSA7000 could allow an malicious user to compromise BIOS firmware. This vulnerability can be exploited only as part of an attack chain. Before an attacker can compromise the BIOS, they must explo...
Pulsesecure Psa-5000 Firmware -
Pulsesecure Psa-7000 Firmware -
Supermicro X10slh-f Firmware
Supermicro X10sll-f Firmware
Supermicro X10slm-f Firmware
Supermicro X10sll\\+f Firmware
Supermicro X10slm\\+-f Firmware
Supermicro X10slm\\+ln4f Firmware
Supermicro X10sla-f Firmware
Supermicro X10sl7-f Firmware
Supermicro X10sll-s Firmware
Supermicro X10sll-sf Firmware
4.6
CVSSv2
CVE-2020-8250
A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local malicious users to escalate privilege.
Pulsesecure Pulse Secure Desktop Client
Pulsesecure Pulse Secure Desktop Client 9.1
1 Github repository
6.8
CVSSv2
CVE-2020-8254
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. This vulnerability only affects Windows PDC.To improve the security of connections between Pulse clients and Pulse Connect Sec...
Pulsesecure Pulse Secure Desktop Client
Pulsesecure Pulse Secure Desktop Client 9.1
1 Github repository
4
CVSSv2
CVE-2020-8255
A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated malicious user to perform an arbitrary file reading vulnerability is fixed using encrypted URL blacklisting that prevents these messages.
Pulsesecure Pulse Secure Desktop Client
Pulsesecure Pulse Secure Desktop Client 9.1
4.3
CVSSv2
CVE-2020-8261
A vulnerability in the Pulse Connect Secure / Pulse Policy Secure < 9.1R9 is vulnerable to arbitrary cookie injection.
Pulsesecure Pulse Connect Secure
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
Ivanti Connect Secure 9.1
4.3
CVSSv2
CVE-2020-8262
A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow malicious users to conduct Cross-Site Scripting (XSS) and Open Redirection for authenticated user web interface.
Pulsesecure Pulse Connect Secure
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
Ivanti Connect Secure 9.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »