Pulsesecure Pulse_secure_desktop_client
18 CVEs affecting Pulsesecure Pulse_secure_desktop_client. Latest disclosed: 2020-10-28. Critical: 1, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-8239 | Critical | 9.8 | 2020-10-28 | A vulnerability in the Pulse Secure Desktop Client < 9.1R9 is vulnerable to the client registry privilege escalation attack. This fix also requires Server Side… |
CVE-2020-8254 | High | 8.8 | 2020-10-28 | A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. This vul… |
CVE-2019-11213 | High | 8.1 | 2019-04-12 | In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthori… |
CVE-2020-8250 | High | 7.8 | 2020-10-28 | A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege. |
CVE-2020-8249 | High | 7.8 | 2020-10-28 | A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to perform buffer overflow. |
CVE-2020-8248 | High | 7.8 | 2020-10-28 | A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege. |
CVE-2020-8240 | High | 7.8 | 2020-10-28 | A vulnerability in the Pulse Secure Desktop Client < 9.1R9 allows a restricted user on an endpoint machine can use system-level privileges if the Embedded Brow… |
CVE-2018-15865 | High | 7.8 | 2018-09-06 | The Pulse Secure Desktop (macOS) has a Privilege Escalation Vulnerability. |
CVE-2020-8241 | High | 7.5 | 2020-10-28 | A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the attacker to perform a MITM Attack if end users are convinced to connect to a malicio… |
CVE-2018-20812 | High | 7.5 | 2019-06-28 | An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel (when Traffic Enforcement was enabled) exists in Pulse Secure Puls… |
CVE-2020-13162 | High | 7.0 | 2020-06-16 | A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as N… |
CVE-2018-16261 | Medium | 6.8 | 2018-09-06 | In Pulse Secure Pulse Desktop Client 5.3RX before 5.3R5 and 9.0R1, there is a Privilege Escalation Vulnerability with Dynamic Certificate Trust. |
CVE-2018-11002 | Medium | 5.5 | 2018-11-29 | Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on Windows has Insecure Permissions. |
CVE-2018-15749 | Medium | 5.5 | 2018-09-06 | The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability. |
CVE-2020-8263 | Medium | 5.4 | 2020-10-28 | A vulnerability in the authenticated user web interface of Pulse Connect Secure < 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) through the… |
CVE-2018-15726 | Medium | 5.3 | 2018-09-06 | The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Privilege Escalation Vulnerability. |
CVE-2020-8255 | Medium | 4.9 | 2020-10-28 | A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary file reading vulnerabilit… |
CVE-2020-15408 | Low | 3.7 | 2020-07-28 | An issue was discovered in Pulse Secure Pulse Connect Secure before 9.1R8. An authenticated attacker can access the admin page console via the end-user web int… |