CVE-2014-2291

Pulse Secure Access Service (IVE OS) is affected by CVE-2014-2291 due to inadequate input validation on the Pulse Collaboration (Secure Meeting) user pages, allowing remote authenticated users to inject arbitrary HTML/Script. Impact per sources is that this affects Juniper Junos Pulse Secure Acce...

CVE-2012-5460

CVE-2012-5460 is a documented XSS in Juniper Secure Access (IVE OS) on the help page, exploitable via the WWHSearchWordsText parameter. Affected versions are IVE OS before 7.1r13, 7.2.x before 7.2r7, and 7.3.x before 7.3r2. The vulnerability can allow an attacker to inject arbitrary web script/HT...

CVE-2013-6956

CVE-2013-6956 affects Juniper Junos Pulse Secure Access Service (IVE OS) when the web rewriting feature is enabled. The issue is a cross-site scripting vulnerability in the web rewrite pages, exploitable by remote authenticated users to inject arbitrary script or HTML. Affected IVE OS versions in...

CVE-2014-3812

The CVE-2014-3812 issue affects Juniper Junos Pulse Secure Access Service (SSL VPN) IVE OS (<7.4r5) and 8.x (<8.0r1) and Junos Pulse Access Control Service (UAC) (<4.4r5) / 5.x (

CVE-2013-5649

CVE-2013-5649 affects Juniper Junos Pulse Secure Access Service (IVE OS) SSL VPN. Vulnerable components are web login and a support page where input validation is insufficient, allowing XSS by unauthenticated users and authenticated users. Impact includes arbitrary script execution in the browser...

CVE-2014-2292

CVE-2014-2292 concerns a local privilege escalation in the Linux Network Connect client used by Juniper Junos Pulse Secure Access Service (IVE OS). Affected desktop/server versions include IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before 8.0r1. The underlying issue is a l...