Pulse Secure Desktop
by Pulsesecure
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-2408 | Hig | 0.51 | 7.8 | 0.00 | Aug 2, 2016 | Pulse Secure Desktop before 5.2R2 and Pulse Secure Installer Service before 8.2R2 and below for Windows allow restricted users to gain privileges via unspecified vectors. | ||
| CVE-2020-8241 | 0.00 | — | 0.02 | Oct 28, 2020 | A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the attacker to perform a MITM Attack if end users are convinced to connect to a malicious server. | |||
| CVE-2020-8250 | 0.00 | — | 0.00 | Oct 28, 2020 | A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege. | |||
| CVE-2018-20812 | 0.00 | — | 0.01 | Mar 16, 2019 | An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel (when Traffic Enforcement was enabled) exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack (IPv4/IPv6) endpoints. | |||
| CVE-2018-15865 | 0.00 | — | 0.00 | Sep 6, 2018 | The Pulse Secure Desktop (macOS) has a Privilege Escalation Vulnerability. | |||
| CVE-2018-15749 | 0.00 | — | 0.00 | Sep 6, 2018 | The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability. | |||
| CVE-2018-15726 | 0.00 | — | 0.00 | Sep 6, 2018 | The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Privilege Escalation Vulnerability. | |||
| CVE-2018-6374 | 0.00 | — | 0.01 | Jan 31, 2018 | The GUI component (aka PulseUI) in Pulse Secure Desktop Linux clients before PULSE5.2R9.2 and 5.3.x before PULSE5.3R4.2 does not perform strict SSL Certificate Validation. This can lead to the manipulation of the Pulse Connection set. |
- risk 0.51cvss 7.8epss 0.00
Pulse Secure Desktop before 5.2R2 and Pulse Secure Installer Service before 8.2R2 and below for Windows allow restricted users to gain privileges via unspecified vectors.
- CVE-2020-8241Oct 28, 2020risk 0.00cvss —epss 0.02
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the attacker to perform a MITM Attack if end users are convinced to connect to a malicious server.
- CVE-2020-8250Oct 28, 2020risk 0.00cvss —epss 0.00
A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege.
- CVE-2018-20812Mar 16, 2019risk 0.00cvss —epss 0.01
An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel (when Traffic Enforcement was enabled) exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack (IPv4/IPv6) endpoints.
- CVE-2018-15865Sep 6, 2018risk 0.00cvss —epss 0.00
The Pulse Secure Desktop (macOS) has a Privilege Escalation Vulnerability.
- CVE-2018-15749Sep 6, 2018risk 0.00cvss —epss 0.00
The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability.
- CVE-2018-15726Sep 6, 2018risk 0.00cvss —epss 0.00
The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Privilege Escalation Vulnerability.
- CVE-2018-6374Jan 31, 2018risk 0.00cvss —epss 0.01
The GUI component (aka PulseUI) in Pulse Secure Desktop Linux clients before PULSE5.2R9.2 and 5.3.x before PULSE5.3R4.2 does not perform strict SSL Certificate Validation. This can lead to the manipulation of the Pulse Connection set.