Pulsesecure

Pulse Policy Secure

31 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2019-11478

  • EPSS 31.33%
  • Published 19.06.2019 00:15:12
  • Last modified 21.11.2024 04:21:09

Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denia...

7.8

CVE-2019-11477

  • EPSS 71.15%
  • Published 19.06.2019 00:15:12
  • Last modified 21.11.2024 04:21:09

Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This ha...

8.8

CVE-2019-11509

  • EPSS 6.92%
  • Published 03.06.2019 20:29:00
  • Last modified 21.11.2024 04:21:14

In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 and Pulse Policy Secure (PPS) before 5.1R15.1, 5.2 before 5.2R12.1, 5.3 before 5.3R15.1, 5.4 before 5.4R7.1, and 9.0 before 9....

6.1

CVE-2019-11543

  • EPSS 0.18%
  • Published 26.04.2019 02:29:00
  • Last modified 21.11.2024 04:21:18

XSS exists in the admin web console in Pulse Secure Pulse Connect Secure (PCS) 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, and 5.2RX before 5.2R12.1.

7.2

CVE-2019-11542

Exploit
  • EPSS 43.06%
  • Published 26.04.2019 02:29:00
  • Last modified 21.11.2024 04:21:18

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before ...

9.8

CVE-2019-11540

Exploit
  • EPSS 14.76%
  • Published 26.04.2019 02:29:00
  • Last modified 21.11.2024 04:21:18

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4 and 8.3RX before 8.3R7.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2 and 5.4RX before 5.4R7.1, an unauthenticated, remote attacker can conduct a session hijacking attack.

7.2

CVE-2019-11539

Warning Exploit
  • EPSS 93.91%
  • Published 26.04.2019 02:29:00
  • Last modified 03.04.2025 19:50:18

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before ...

9.8

CVE-2018-6320

  • EPSS 5.24%
  • Published 06.09.2018 23:29:02
  • Last modified 21.11.2024 04:10:28

A vulnerability has been discovered in login.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1RX before 8.1R12 and 8.3RX before 8.3R2 and Pulse Policy Secure (PPS) 5.2RX before 5.2R9 and 5.4RX before 5.4R2 wherein an http(s) Host header received fro...

6.1

CVE-2018-14366

  • EPSS 0.1%
  • Published 06.09.2018 23:29:00
  • Last modified 21.11.2024 03:48:55

download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 and 8.3RX before 8.3R4 and Pulse Policy Secure through 5.2RX before 5.2R10 and 5.4RX before 5.4R4 have an Open Redirect Vulnerability.

9.8

CVE-2018-5299

  • EPSS 11.38%
  • Published 16.01.2018 22:29:00
  • Last modified 21.11.2024 04:08:32

A stack-based Buffer Overflow Vulnerability exists in the web server in Pulse Secure Pulse Connect Secure (PCS) before 8.3R4 and Pulse Policy Secure (PPS) before 5.4R4, leading to memory corruption and possibly remote code execution.