Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pulsesecure pulse secure desktop client vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2020-8260
A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated malicious user to perform an arbitrary code execution using uncontrolled gzip extraction.
Pulsesecure Pulse Secure Desktop Client
Pulsesecure Pulse Secure Desktop Client 9.1
1 Article
7
CVSSv3
CVE-2020-13162
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions before 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges.
Pulsesecure Pulse Secure Desktop Client 9.1
Pulsesecure Pulse Secure Desktop Client 9.0
Pulsesecure Pulse Secure Desktop Client 5.3
Pulsesecure Pulse Secure Installer Service 8.3
Pulsesecure Pulse Secure Installer Service 9.1
1 Github repository
6.8
CVSSv3
CVE-2018-7572
Pulse Secure Client 9.0R1 and 5.3RX prior to 5.3R5, when configured to authenticate VPN users during Windows Logon, can allow malicious users to bypass Windows authentication and execute commands on the system with the privileges of Pulse Secure Client. The attacker must interrup...
Pulsesecure Pulse Secure Desktop 5.3r1.0
Pulsesecure Pulse Secure Desktop 5.3r1.1
Pulsesecure Pulse Secure Desktop 5.3r2.0
Pulsesecure Pulse Secure Desktop 5.3r3.0
Pulsesecure Pulse Secure Desktop 5.3r4.0
Pulsesecure Pulse Secure Desktop 5.3r4.1
Pulsesecure Pulse Secure Desktop 9.0r1.0
Pulsesecure Pulse Secure Desktop 5.3rx
Pulsesecure Pulse Secure Desktop 5.3r4.2
6.8
CVSSv3
CVE-2018-16261
In Pulse Secure Pulse Desktop Client 5.3RX prior to 5.3R5 and 9.0R1, there is a Privilege Escalation Vulnerability with Dynamic Certificate Trust.
Pulsesecure Pulse Secure Desktop Client 5.3r3
Pulsesecure Pulse Secure Desktop Client 5.3r2
Pulsesecure Pulse Secure Desktop Client 5.3r1.1
Pulsesecure Pulse Secure Desktop Client 5.3r1
Pulsesecure Pulse Secure Desktop Client 9.0r1
Pulsesecure Pulse Secure Desktop Client 5.3r4.1
Pulsesecure Pulse Secure Desktop Client 5.3r4.2
Pulsesecure Pulse Secure Desktop Client 5.3r4
Pulsesecure Pulse Secure Desktop Client 5.3rx
6.5
CVSSv3
CVE-2018-6374
The GUI component (aka PulseUI) in Pulse Secure Desktop Linux clients before PULSE5.2R9.2 and 5.3.x before PULSE5.3R4.2 does not perform strict SSL Certificate Validation. This can lead to the manipulation of the Pulse Connection set.
Pulsesecure Desktop Linux Client
6.5
CVSSv3
CVE-2016-3985
The Terminal Services Remote Desktop Protocol (RDP) client session restrictions feature in Pulse Connect Secure (aka PCS) 8.1R7 and 8.2R1 allow remote authenticated users to bypass intended access restrictions via unspecified vectors.
Pulsesecure Pulse Connect Secure 8.2r1
Pulsesecure Pulse Connect Secure 8.1r7
5.5
CVSSv3
CVE-2018-11002
Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on Windows has Insecure Permissions.
Pulsesecure Pulse Secure Desktop Client 5.3r3
Pulsesecure Pulse Secure Desktop Client 5.3r4.1
Pulsesecure Pulse Secure Desktop Client 5.3r1
Pulsesecure Pulse Secure Desktop Client 5.3r1.1
Pulsesecure Pulse Secure Desktop Client 5.3r2
Pulsesecure Pulse Secure Desktop Client 5.3r5
Pulsesecure Pulse Secure Desktop Client 5.3r5.2
Pulsesecure Pulse Secure Desktop Client 5.3r6
Pulsesecure Pulse Secure Desktop Client 5.3r4
Pulsesecure Pulse Secure Desktop Client 5.3r4.2
5.5
CVSSv3
CVE-2018-15749
The Pulse Secure Desktop (macOS) 5.3RX prior to 5.3R5 and 9.0R1 has a Format String Vulnerability.
Pulsesecure Pulse Secure Desktop Client 9.0r1
Pulsesecure Pulse Secure Desktop Client 5.3r1.1
Pulsesecure Pulse Secure Desktop Client 5.3r1
Pulsesecure Pulse Secure Desktop Client 5.3rx
Pulsesecure Pulse Secure Desktop Client 5.3r4.2
Pulsesecure Pulse Secure Desktop Client 5.3r4
Pulsesecure Pulse Secure Desktop Client 5.3r2
Pulsesecure Pulse Secure Desktop Client 5.3r4.1
Pulsesecure Pulse Secure Desktop Client 5.3r3
5.4
CVSSv3
CVE-2020-8263
A vulnerability in the authenticated user web interface of Pulse Connect Secure < 9.1R9 could allow malicious users to conduct Cross-Site Scripting (XSS) through the CGI file.
Pulsesecure Pulse Secure Desktop Client
Pulsesecure Pulse Secure Desktop Client 9.1
5.3
CVSSv3
CVE-2018-15726
The Pulse Secure Desktop (macOS) 5.3RX prior to 5.3R5 and 9.0R1 has a Privilege Escalation Vulnerability.
Pulsesecure Pulse Secure Desktop Client 5.3r1
Pulsesecure Pulse Secure Desktop Client 5.3rx
Pulsesecure Pulse Secure Desktop Client 9.0r1
Pulsesecure Pulse Secure Desktop Client 5.3r4.2
Pulsesecure Pulse Secure Desktop Client 5.3r4.1
Pulsesecure Pulse Secure Desktop Client 5.3r3
Pulsesecure Pulse Secure Desktop Client 5.3r1.1
Pulsesecure Pulse Secure Desktop Client 5.3r4
Pulsesecure Pulse Secure Desktop Client 5.3r2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »