14 matches found
CVE-2021-22908
A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user. As of version 9.1R3, this permission is not enabled by default...
The vulnerability of the Resource Profiles VPN gateway component in corporate networks of Pulse Connect Secure allows a perpetrator to execute arbitrary code.
The vulnerability of the Resource Profiles VPN gateway component in corporate networks of Pulse Connect Secure is related to insufficient cleaning of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted request...
Ivanti Pulse Connect Secure Command Injection Vulnerability
Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles...
CVE-2021-22899
A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature...
CVE-2021-22899
A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature...
Command injection
A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature...
CVE-2021-22899
A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature...
CVE-2021-22899
A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature...
CVE-2021-22908
CVE-2021-22908 describes a buffer overflow in Pulse Connect Secure (PCS) related to Windows File Resource Profiles and SMB sharing. Reported as affecting PCS 9.X up to 9.1R2/3, with 9.1R3 enabling default-deny for SMB browsing; exploitation requires an authenticated user with privileges and could...
CVE-2021-22908
A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user. As of version 9.1R3, this permission is not enabled by default...
CVE-2021-22899
A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
PT-2021-15265 · Pulse · Pulse Connect Secure
Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure versions 9.X through 9.1R2 Windows File Resource Profiles versions 9.X through 9.1R2 Description: A buffer overflow issue exists, allowing a remote authenticated user with privileges to browse SMB shares to execute...
PT-2021-4940 · Pulse · Pulse Connect Secure
Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure versions prior to 9.1R11.4 Description: The issue is related to insufficient input validation in the Resource Profiles component of Pulse Connect Secure VPN gateways for corporate networks. It allows a remote attacker to...
CVE-2017-16850
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /showresource.do resourceid parameter in a getResourceProfiles action...