VYPR

Client

by Pulsesecure

CVEs (5)

  • CVE-2016-0799CriMar 3, 2016
    risk 0.66cvss 9.8epss 0.32

    The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to cause a denial of service (overflow and out-of-bounds read) or possibly have unspecified other impact via a…

  • CVE-2016-0800MedMar 1, 2016
    risk 0.48cvss 5.9epss 0.82

    The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS…

  • CVE-2018-7572MedSep 12, 2018
    risk 0.44cvss 6.8epss 0.00

    Pulse Secure Client 9.0R1 and 5.3RX before 5.3R5, when configured to authenticate VPN users during Windows Logon, can allow attackers to bypass Windows authentication and execute commands on the system with the privileges of Pulse Secure Client. The attacker must interrupt the…

  • CVE-2023-34298May 3, 2024
    risk 0.00cvss epss 0.01

    Pulse Secure Client SetupService Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Pulse Secure Client. An attacker must first obtain the ability to execute low-privileged…

  • CVE-2020-13162Jun 16, 2020
    risk 0.00cvss epss 0.01

    A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges.