10 matches found
New Windows 11 features strengthen security to address evolving cyberthreat landscape
Ahead of the Microsoft Build 2024 conference, we announced a new class of Windows computers, Copilot+ PC. Alongside this exciting new class of PCs, we are introducing important security features and updates that make Windows 11 more secure for users and organizations and give developers the tools...
CVE-2020-11581
An issue was discovered in Pulse Secure Pulse Connect Secure PCS through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, allows a man-in-the-middle attacker to perform OS command injection attacks against a client via shell...
Code injection
An issue was discovered in Pulse Secure Pulse Connect Secure PCS through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, accepts an arbitrary SSL certificate...
Command injection
An issue was discovered in Pulse Secure Pulse Connect Secure PCS through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, allows a man-in-the-middle attacker to perform OS command injection attacks against a client via shell...
Command injection
An issue was discovered in Pulse Secure Pulse Connect Secure PCS through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, launches a TCP server that accepts local connections on a random port. This can be reached by local HT...
CVE-2020-11581
An issue was discovered in Pulse Secure Pulse Connect Secure PCS through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, allows a man-in-the-middle attacker to perform OS command injection attacks against a client via shell...
CVE-2020-11580
An issue was discovered in Pulse Secure Pulse Connect Secure PCS through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, accepts an arbitrary SSL certificate...
CVE-2018-20809
A crafted message can cause the web server to crash with Pulse Secure Pulse Connect Secure PCS 8.3RX before 8.3R5 and Pulse Policy Secure 5.4RX before 5.4R5. This is not applicable to PCS 8.1RX...
CVE-2018-20807
CVE-2018-20807 affects Pulse Secure Pulse Connect Secure (PCS) via an XSS in welcome.cgi. Affected: PCS 8.1.x before 8.1R12, 8.2.x before 8.2R9, 8.3.x before 8.3R3. Root cause: improper sanitization of a URL parameter in the WEB app, enabling client-side script execution. Impact: client-side code...
CVE-2018-20807
An XSS issue has been found in welcome.cgi in Pulse Secure Pulse Connect Secure PCS 8.1.x before 8.1R12, 8.2.x before 8.2R9, and 8.3.x before 8.3R3 due to one of the URL parameters not being sanitized properly...