Ivanti

Connect Secure

132 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2019-11478

  • EPSS 31.33%
  • Published 19.06.2019 00:15:12
  • Last modified 21.11.2024 04:21:09

Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denia...

8.8

CVE-2019-11509

  • EPSS 6.92%
  • Published 03.06.2019 20:29:00
  • Last modified 21.11.2024 04:21:14

In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 and Pulse Policy Secure (PPS) before 5.1R15.1, 5.2 before 5.2R12.1, 5.3 before 5.3R15.1, 5.4 before 5.4R7.1, and 9.0 before 9....

6.1

CVE-2019-11507

Exploit
  • EPSS 0.43%
  • Published 08.05.2019 17:29:00
  • Last modified 21.11.2024 04:21:13

In Pulse Secure Pulse Connect Secure (PCS) 8.3.x before 8.3R7.1 and 9.0.x before 9.0R3, an XSS issue has been found on the Application Launcher page.

7.2

CVE-2019-11508

Exploit
  • EPSS 4.32%
  • Published 08.05.2019 17:29:00
  • Last modified 21.11.2024 04:21:13

In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an authenticated attacker (via the admin web interface) can exploit Directory Traversal to execute arbitrary code on the appl...

10

CVE-2019-11510

Warning Exploit
  • EPSS 94.36%
  • Published 08.05.2019 17:29:00
  • Last modified 03.04.2025 19:42:38

In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability .

7.7

CVE-2019-11538

Exploit
  • EPSS 4.59%
  • Published 26.04.2019 02:29:00
  • Last modified 21.11.2024 04:21:17

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1, an NFS problem could allow an authenticated attacker to access the contents of arbitrary files on the affected ...

7.2

CVE-2019-11539

Warning Exploit
  • EPSS 93.91%
  • Published 26.04.2019 02:29:00
  • Last modified 03.04.2025 19:50:18

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before ...

9.8

CVE-2019-11540

Exploit
  • EPSS 14.76%
  • Published 26.04.2019 02:29:00
  • Last modified 21.11.2024 04:21:18

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4 and 8.3RX before 8.3R7.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2 and 5.4RX before 5.4R7.1, an unauthenticated, remote attacker can conduct a session hijacking attack.

7.5

CVE-2019-11541

  • EPSS 1.77%
  • Published 26.04.2019 02:29:00
  • Last modified 21.11.2024 04:21:18

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, and 8.2RX before 8.2R12.1, users using SAML authentication with the Reuse Existing NC (Pulse) Session option may see authentication leaks.

7.2

CVE-2019-11542

Exploit
  • EPSS 43.06%
  • Published 26.04.2019 02:29:00
  • Last modified 21.11.2024 04:21:18

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before ...