Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ivanti connect secure vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2020-8221
A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 which allows an authenticated malicious user to read arbitrary files via the administrator web interface.
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
1 Article
356
VMScore
CVE-2020-8216
An information disclosure vulnerability in meeting of Pulse Connect Secure <9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID.
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
356
VMScore
CVE-2020-8219
An insufficient permission check vulnerability exists in Pulse Connect Secure <9.1R8 that allows an malicious user to change the password of a full administrator.
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
356
VMScore
CVE-2020-8222
A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 that allowed an authenticated attacker via the administrator web interface to perform an arbitrary file reading vulnerability through Meeting.
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
356
VMScore
CVE-2019-11538
In Pulse Secure Pulse Connect Secure version 9.0RX prior to 9.0R3.4, 8.3RX prior to 8.3R7.1, 8.2RX prior to 8.2R12.1, and 8.1RX prior to 8.1R15.1, an NFS problem could allow an authenticated malicious user to access the contents of arbitrary files on the affected device.
Ivanti Connect Secure 9.0
Ivanti Connect Secure 8.1
Ivanti Connect Secure 8.2
Ivanti Connect Secure 8.3
312
VMScore
CVE-2020-8217
A cross site scripting (XSS) vulnerability in Pulse Connect Secure <9.1R8 allowed malicious users to exploit in the URL used for Citrix ICA.
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
312
VMScore
CVE-2016-4790
Cross-site scripting (XSS) vulnerability in the administrative user interface in Pulse Connect Secure (PCS) 8.2 prior to 8.2r1, 8.1 prior to 8.1r2, 8.0 prior to 8.0r9, and 7.4 prior to 7.4r13.4 allows remote malicious users to inject arbitrary web script or HTML via unspecified v...
Pulsesecure Pulse Connect Secure 8.1r1.0
Ivanti Connect Secure 8.1
Ivanti Connect Secure 8.0
Pulsesecure Pulse Connect Secure 7.4
Ivanti Connect Secure 8.2
187
VMScore
CVE-2020-12880
An issue exists in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance prior to 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the entire source code of the appliance is...
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
NA
CVE-2023-38551
A CRLF Injection vulnerability in Ivanti Connect Secure (9.x, 22.x) allows an authenticated high-privileged user to inject malicious code on a victim’s browser, thereby leading to cross-site scripting attack.
NA
CVE-2024-29205
An Improper Check for Unusual or Exceptional Conditions vulnerability in the web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a remote unauthenticated malicious user to send specially crafted requests in-order-to cause service disrupt...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »