Pulse Secure Desktop Client Security Vulnerabilities and Issues — Pulse Secure Desktop Client CVE List

Lucene search

PulsesecurePulse Secure Desktop Client

18 matches found

CVE•added 2020/07/28 3:15 p.m.•122 views

CVE-2020-15408

An issue was discovered in Pulse Secure Pulse Connect Secure before 9.1R8. An authenticated attacker can access the admin page console via the end-user web interface because of a rewrite.

5.8CVSS4.8AI score0.00328EPSS

CVE•added 2020/03/20 9:15 p.m.•119 views

CVE-2020-8140

A code injection in Nextcloud Desktop Client 2.6.2 for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the environment.

6.7CVSS6.6AI score0.00365EPSS

CVE•added 2020/06/16 8:15 p.m.•110 views

CVE-2020-13162

A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges.

7CVSS6.6AI score0.00347EPSS

CVE•added 2020/08/21 9:15 p.m.•67 views

CVE-2020-8189

A cross-site scripting error in Nextcloud Desktop client 2.6.4 allowed to present any html (including local links) when responding with invalid data on the login attempt.

5.4CVSS5.2AI score0.02601EPSS

CVE•added 2020/08/21 9:15 p.m.•67 views

CVE-2020-8227

Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory.

7.1CVSS6.4AI score0.20057EPSS

CVE•added 2020/10/28 1:15 p.m.•67 views

CVE-2020-8239

A vulnerability in the Pulse Secure Desktop Client

9.8CVSS9.4AI score0.00391EPSS

CVE•added 2020/10/28 1:15 p.m.•65 views

CVE-2020-8254

A vulnerability in the Pulse Secure Desktop Client

8.8CVSS8.7AI score0.02435EPSS

CVE•added 2020/10/28 1:15 p.m.•54 views

CVE-2020-8255

A vulnerability in the Pulse Connect Secure

4.9CVSS4.9AI score0.15053EPSS

CVE•added 2020/10/28 1:15 p.m.•52 views

CVE-2020-8241

A vulnerability in the Pulse Secure Desktop Client

7.5CVSS7.7AI score0.035EPSS

CVE•added 2020/10/28 1:15 p.m.•47 views

CVE-2020-8240

A vulnerability in the Pulse Secure Desktop Client

7.8CVSS7.4AI score0.00044EPSS

CVE•added 2020/10/28 1:15 p.m.•47 views

CVE-2020-8263

A vulnerability in the authenticated user web interface of Pulse Connect Secure

5.4CVSS5AI score0.00347EPSS

CVE•added 2020/08/10 2:15 p.m.•45 views

CVE-2020-8224

A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arbitrary code when placing a malicious OpenSSL config into a fixed directory.

7.8CVSS7.6AI score0.00346EPSS

CVE•added 2020/10/28 1:15 p.m.•43 views

CVE-2020-8249

A vulnerability in the Pulse Secure Desktop Client (Linux)

7.8CVSS7.4AI score0.00651EPSS

CVE•added 2020/09/18 9:15 p.m.•41 views

CVE-2020-8225

A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away information about used proxies and their authentication credentials.

7.5CVSS7.4AI score0.01303EPSS

CVE•added 2020/08/17 4:15 p.m.•41 views

CVE-2020-8230

A memory corruption vulnerability exists in NextCloud Desktop Client v2.6.4 where missing ASLR and DEP protections in for windows allowed to corrupt memory.

5.5CVSS5.5AI score0.00235EPSS

CVE•added 2020/08/10 2:15 p.m.•37 views

CVE-2020-8229

A memory leak in the OCUtil.dll library used by Nextcloud Desktop Client 2.6.4 can lead to a DoS against the host system.

5.5CVSS5.2AI score0.00258EPSS

CVE•added 2020/10/28 1:15 p.m.•30 views

CVE-2020-8250

A vulnerability in the Pulse Secure Desktop Client (Linux)

7.8CVSS7.4AI score0.0035EPSS

CVE•added 2020/10/28 1:15 p.m.•27 views

CVE-2020-8248

A vulnerability in the Pulse Secure Desktop Client (Linux)

7.8CVSS7.4AI score0.00406EPSS