Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pulsesecure vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-8217
A cross site scripting (XSS) vulnerability in Pulse Connect Secure <9.1R8 allowed malicious users to exploit in the URL used for Citrix ICA.
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
5.4
CVSSv3
CVE-2018-20306
A stored cross-site scripting (XSS) vulnerability in the web administration user interface of Pulse Secure Virtual Traffic Manager may allow a remote authenticated malicious user to inject web script or HTML via a crafted website and steal sensitive data and credentials. Affected...
Pulsesecure Virtual Traffic Manager
5.3
CVSSv3
CVE-2018-15726
The Pulse Secure Desktop (macOS) 5.3RX prior to 5.3R5 and 9.0R1 has a Privilege Escalation Vulnerability.
Pulsesecure Pulse Secure Desktop Client 5.3r1
Pulsesecure Pulse Secure Desktop Client 5.3rx
Pulsesecure Pulse Secure Desktop Client 9.0r1
Pulsesecure Pulse Secure Desktop Client 5.3r4.2
Pulsesecure Pulse Secure Desktop Client 5.3r4.1
Pulsesecure Pulse Secure Desktop Client 5.3r3
Pulsesecure Pulse Secure Desktop Client 5.3r1.1
Pulsesecure Pulse Secure Desktop Client 5.3r4
Pulsesecure Pulse Secure Desktop Client 5.3r2
4.9
CVSSv3
CVE-2020-8255
A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated malicious user to perform an arbitrary file reading vulnerability is fixed using encrypted URL blacklisting that prevents these messages.
Pulsesecure Pulse Secure Desktop Client
Pulsesecure Pulse Secure Desktop Client 9.1
4.9
CVSSv3
CVE-2020-8256
A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated malicious user to gain arbitrary file reading access through Pulse Collaboration via XML External Entity (XXE) vulnerability.
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
4.9
CVSSv3
CVE-2020-8221
A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 which allows an authenticated malicious user to read arbitrary files via the administrator web interface.
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
1 Article
4.8
CVSSv3
CVE-2017-17947
A cross site scripting issue has been found in custompage.cgi in Pulse Secure Pulse Connect Secure (PCS) prior to 8.0R17.0, 8.1.x prior to 8.1R13, 8.2.x prior to 8.2R9, and 8.3.x prior to 8.3R3 and Pulse Policy Secure (PPS) prior to 5.2R10, 5.3.x prior to 5.3R9, and 5.4.x prior t...
Pulsesecure Pulse Connect Secure
4.6
CVSSv3
CVE-2020-15408
An issue exists in Pulse Secure Pulse Connect Secure prior to 9.1R8. An authenticated attacker can access the admin page console via the end-user web interface because of a rewrite.
Pulsesecure Pulse Connect Secure
Pulsesecure Pulse Secure Desktop Client 9.1
4.3
CVSSv3
CVE-2020-8261
A vulnerability in the Pulse Connect Secure / Pulse Policy Secure < 9.1R9 is vulnerable to arbitrary cookie injection.
Pulsesecure Pulse Connect Secure
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
Ivanti Connect Secure 9.1
4.3
CVSSv3
CVE-2020-8216
An information disclosure vulnerability in meeting of Pulse Connect Secure <9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID.
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »