Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
PulsesecurePulse Policy Secure

34 matches found

CVE
CVEadded 2019/04/26 2:29 a.m.1119 views

CVE-2019-11539

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin we...

8CVSS7.9AI score0.93756EPSS
CVE
CVEadded 2020/10/28 1:15 p.m.1104 views

CVE-2020-8260

A vulnerability in the Pulse Connect Secure

7.2CVSS8.2AI score0.67944EPSS
CVE
CVEadded 2020/07/30 1:15 p.m.1017 views

CVE-2020-8218

A code injection vulnerability exists in Pulse Connect Secure

7.2CVSS7.3AI score0.91071EPSS
CVE
CVEadded 2019/06/19 12:15 a.m.712 views

CVE-2019-11477

Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182...

7.8CVSS7.5AI score0.76442EPSS
CVE
CVEadded 2019/06/19 12:15 a.m.558 views

CVE-2019-11478

Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kerne...

7.5CVSS6.4AI score0.27962EPSS
CVE
CVEadded 2019/06/03 8:29 p.m.92 views

CVE-2019-11509

In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 and Pulse Policy Secure (PPS) before 5.1R15.1, 5.2 before 5.2R12.1, 5.3 before 5.3R15.1, 5.4 before 5.4R7.1, and 9.0 before 9.0R3.2, an authenticated attacker (via the admin w...

8.8CVSS9.2AI score0.07261EPSS
CVE
CVEadded 2019/04/26 2:29 a.m.85 views

CVE-2019-11540

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4 and 8.3RX before 8.3R7.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2 and 5.4RX before 5.4R7.1, an unauthenticated, remote attacker can conduct a session hijacking attack.

9.8CVSS9.3AI score0.18542EPSS
CVE
CVEadded 2020/04/06 9:15 p.m.75 views

CVE-2020-11582

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, launches a TCP server that accepts local connections on a random port. This can be reached by local HT...

8.8CVSS7.9AI score0.39323EPSS
CVE
CVEadded 2020/07/27 11:15 p.m.73 views

CVE-2020-12880

An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the entire source code of the appliance is available an...

5.5CVSS5.5AI score0.00079EPSS
CVE
CVEadded 2019/06/28 6:15 p.m.69 views

CVE-2018-20810

Session data between cluster nodes during cluster synchronization is not properly encrypted in Pulse Secure Pulse Connect Secure (PCS) 8.3RX before 8.3R2 and Pulse Policy Secure (PPS) 5.4RX before 5.4R2. This is not applicable to PCS 8.1RX, PPS 5.2RX, or stand-alone devices.

9.8CVSS9.2AI score0.01536EPSS
CVE
CVEadded 2019/04/26 2:29 a.m.69 views

CVE-2019-11542

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, an authentic...

8CVSS8AI score0.38785EPSS
CVE
CVEadded 2020/04/06 9:15 p.m.68 views

CVE-2020-11580

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, accepts an arbitrary SSL certificate.

9.1CVSS9.1AI score0.00248EPSS
CVE
CVEadded 2020/04/06 9:15 p.m.66 views

CVE-2020-11581

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, allows a man-in-the-middle attacker to perform OS command injection attacks (against a client) via she...

9.3CVSS8.5AI score0.39323EPSS
CVE
CVEadded 2020/10/28 1:15 p.m.66 views

CVE-2020-8261

A vulnerability in the Pulse Connect Secure / Pulse Policy Secure

4.3CVSS4.8AI score0.00613EPSS
CVE
CVEadded 2017/08/29 3:29 p.m.59 views

CVE-2017-11455

diag.cgi in Pulse Connect Secure 8.2R1 through 8.2R5, 8.1R1 through 8.1R10 and Pulse Policy Secure 5.3R1 through 5.3R5, 5.2R1 through 5.2R8, and 5.1R1 through 5.1R10 allow remote attackers to hijack the authentication of administrators for requests to start tcpdump, related to the lack of anti-CSRF...

8.8CVSS8.8AI score0.00563EPSS
CVE
CVEadded 2019/06/28 6:15 p.m.57 views

CVE-2018-20814

An XSS issue was found with Psaldownload.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.3R2 before 8.3R2 and Pulse Policy Secure (PPS) 5.4RX before 5.4R2. This is not applicable to PCS 8.1RX or PPS 5.2RX.

6.1CVSS5.9AI score0.00105EPSS
CVE
CVEadded 2020/09/30 6:15 p.m.55 views

CVE-2020-8238

A vulnerability in the authenticated user web interface of Pulse Connect Secure and Pulse Policy Secure

6.1CVSS5.8AI score0.00172EPSS
CVE
CVEadded 2019/06/28 6:15 p.m.54 views

CVE-2018-20809

A crafted message can cause the web server to crash with Pulse Secure Pulse Connect Secure (PCS) 8.3RX before 8.3R5 and Pulse Policy Secure 5.4RX before 5.4R5. This is not applicable to PCS 8.1RX.

7.5CVSS7.4AI score0.03312EPSS
CVE
CVEadded 2020/10/28 1:15 p.m.54 views

CVE-2020-8255

A vulnerability in the Pulse Connect Secure

4.9CVSS4.9AI score0.15053EPSS
CVE
CVEadded 2020/10/27 5:15 a.m.53 views

CVE-2020-15352

An XML external entity (XXE) vulnerability in Pulse Connect Secure (PCS) before 9.1R9 and Pulse Policy Secure (PPS) before 9.1R9 allows remote authenticated admins to conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.

7.2CVSS6.6AI score0.06555EPSS
CVE
CVEadded 2020/10/28 1:15 p.m.53 views

CVE-2020-8262

A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) and Open Redirection for authenticated user web interface.

6.1CVSS5.8AI score0.00144EPSS
CVE
CVEadded 2020/07/30 1:15 p.m.51 views

CVE-2020-8206

An improper authentication vulnerability exists in Pulse Connect Secure

8.1CVSS8AI score0.0152EPSS
CVE
CVEadded 2020/07/30 1:15 p.m.51 views

CVE-2020-8221

A path traversal vulnerability exists in Pulse Connect Secure

4.9CVSS4.9AI score0.02858EPSS
CVE
CVEadded 2019/04/26 2:29 a.m.50 views

CVE-2019-11543

XSS exists in the admin web console in Pulse Secure Pulse Connect Secure (PCS) 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, and 5.2RX before 5.2R12.1.

8.3CVSS6.5AI score0.00213EPSS
CVE
CVEadded 2020/07/30 1:15 p.m.47 views

CVE-2020-8217

A cross site scripting (XSS) vulnerability in Pulse Connect Secure

5.4CVSS5.2AI score0.00136EPSS
CVE
CVEadded 2020/10/28 1:15 p.m.47 views

CVE-2020-8263

A vulnerability in the authenticated user web interface of Pulse Connect Secure

5.4CVSS5AI score0.00347EPSS
CVE
CVEadded 2020/07/30 1:15 p.m.46 views

CVE-2020-8216

An information disclosure vulnerability in meeting of Pulse Connect Secure

4.3CVSS4.2AI score0.02167EPSS
CVE
CVEadded 2020/07/30 1:15 p.m.45 views

CVE-2020-8220

A denial of service vulnerability exists in Pulse Connect Secure

6.5CVSS6.5AI score0.06668EPSS
CVE
CVEadded 2018/01/16 10:29 p.m.42 views

CVE-2018-5299

A stack-based Buffer Overflow Vulnerability exists in the web server in Pulse Secure Pulse Connect Secure (PCS) before 8.3R4 and Pulse Policy Secure (PPS) before 5.4R4, leading to memory corruption and possibly remote code execution.

9.8CVSS9.8AI score0.11904EPSS
CVE
CVEadded 2018/09/06 11:29 p.m.42 views

CVE-2018-6320

A vulnerability has been discovered in login.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1RX before 8.1R12 and 8.3RX before 8.3R2 and Pulse Policy Secure (PPS) 5.2RX before 5.2R9 and 5.4RX before 5.4R2 wherein an http(s) Host header received from the browser is trusted without validation.

9.8CVSS9.3AI score0.05235EPSS
CVE
CVEadded 2020/07/30 1:15 p.m.41 views

CVE-2020-8219

An insufficient permission check vulnerability exists in Pulse Connect Secure

7.2CVSS6.9AI score0.01732EPSS
CVE
CVEadded 2020/07/30 1:15 p.m.39 views

CVE-2020-8204

A cross site scripting (XSS) vulnerability exists in Pulse Connect Secure

6.1CVSS5.9AI score0.00169EPSS
CVE
CVEadded 2020/07/30 1:15 p.m.39 views

CVE-2020-8222

A path traversal vulnerability exists in Pulse Connect Secure

6.8CVSS6.4AI score0.0086EPSS
CVE
CVEadded 2018/09/06 11:29 p.m.38 views

CVE-2018-14366

download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 and 8.3RX before 8.3R4 and Pulse Policy Secure through 5.2RX before 5.2R10 and 5.4RX before 5.4R4 have an Open Redirect Vulnerability.

6.1CVSS6.2AI score0.001EPSS