Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pulsesecure vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2020-11581
An issue exists in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, allows a man-in-the-middle malicious user to perform OS command injection attacks (against ...
Pulsesecure Pulse Connect Secure
Pulsesecure Pulse Policy Secure -
6.9
CVSSv2
CVE-2020-13162
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions before 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges.
Pulsesecure Pulse Secure Desktop Client 9.1
Pulsesecure Pulse Secure Desktop Client 9.0
Pulsesecure Pulse Secure Desktop Client 5.3
Pulsesecure Pulse Secure Installer Service 8.3
Pulsesecure Pulse Secure Installer Service 9.1
1 Github repository
5
CVSSv2
CVE-2018-20812
An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel (when Traffic Enforcement was enabled) exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack (IPv4/IPv6) endpoints.
Pulsesecure Pulse Secure Desktop Client 4.0
Pulsesecure Pulse Secure Desktop Client 5.1
Pulsesecure Pulse Secure Desktop Client 5.1r
Pulsesecure Pulse Secure Desktop Client 5.3
Pulsesecure Pulse Secure Desktop Client 9.0
4
CVSSv2
CVE-2018-20307
Pulse Secure Virtual Traffic Manager 9.9 versions before 9.9r2 and 10.4r1 allow a remote authenticated user to obtain sensitive historical activity information by leveraging incorrect permission validation.
Pulsesecure Virtual Traffic Manager 9.9
Pulsesecure Virtual Traffic Manager 10.4
Pulsesecure Virtual Traffic Manager 17.2
7.5
CVSSv2
CVE-2018-5299
A stack-based Buffer Overflow Vulnerability exists in the web server in Pulse Secure Pulse Connect Secure (PCS) prior to 8.3R4 and Pulse Policy Secure (PPS) prior to 5.4R4, leading to memory corruption and possibly remote code execution.
Pulsesecure Pulse Policy Secure
Pulsesecure Pulse Connect Secure
5.8
CVSSv2
CVE-2020-15408
An issue exists in Pulse Secure Pulse Connect Secure prior to 9.1R8. An authenticated attacker can access the admin page console via the end-user web interface because of a rewrite.
Pulsesecure Pulse Connect Secure
Pulsesecure Pulse Secure Desktop Client 9.1
3.3
CVSSv2
CVE-2016-3985
The Terminal Services Remote Desktop Protocol (RDP) client session restrictions feature in Pulse Connect Secure (aka PCS) 8.1R7 and 8.2R1 allow remote authenticated users to bypass intended access restrictions via unspecified vectors.
Pulsesecure Pulse Connect Secure 8.2r1
Pulsesecure Pulse Connect Secure 8.1r7
7.5
CVSSv2
CVE-2020-8239
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 is vulnerable to the client registry privilege escalation attack. This fix also requires Server Side Upgrade due to Standalone Host Checker Client (Windows) and Windows PDC.
Pulsesecure Pulse Secure Desktop Client
Pulsesecure Pulse Secure Desktop Client 9.1
2 Github repositories
6.9
CVSSv2
CVE-2020-8240
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 allows a restricted user on an endpoint machine can use system-level privileges if the Embedded Browser is configured with Credential Provider. This vulnerability only affects Windows PDC if the Embedded Browser is con...
Pulsesecure Pulse Secure Desktop Client
Pulsesecure Pulse Secure Desktop Client 9.1
5.1
CVSSv2
CVE-2020-8241
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the malicious user to perform a MITM Attack if end users are convinced to connect to a malicious server.
Pulsesecure Pulse Secure Desktop Client
Pulsesecure Pulse Secure Desktop Client 9.1
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »