8.2r12.0

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-30	CVE-2020-8216	An information disclosure vulnerability in meeting of Pulse Connect Secure <9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID. network low complexity pulsesecure ivanti	4.3
2020-07-30	CVE-2020-8206	Improper Authentication vulnerability in multiple products An improper authentication vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP. network high complexity pulsesecure ivanti CWE-287	8.1
2020-07-30	CVE-2020-8204	Cross-site Scripting vulnerability in multiple products A cross site scripting (XSS) vulnerability exists in Pulse Connect Secure <9.1R5 on the PSAL Page. network low complexity pulsesecure ivanti CWE-79	6.1
2020-07-28	CVE-2020-15408	Unspecified vulnerability in Pulsesecure Pulse Connect Secure 7.1/7.4 An issue was discovered in Pulse Secure Pulse Connect Secure before 9.1R8. network low complexity pulsesecure	4.6
2020-07-27	CVE-2020-12880	An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. local low complexity pulsesecure ivanti	5.5
2020-04-06	CVE-2020-11582	Exposure of Resource to Wrong Sphere vulnerability in Pulsesecure Pulse Connect Secure 7.1/7.4 An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. low complexity pulsesecure CWE-668	8.8
2020-04-06	CVE-2020-11581	OS Command Injection vulnerability in Pulsesecure Pulse Connect Secure 7.1/7.4 An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. network high complexity pulsesecure CWE-78	8.1
2020-04-06	CVE-2020-11580	Improper Certificate Validation vulnerability in Pulsesecure Pulse Connect Secure 7.1/7.4 An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. network low complexity pulsesecure CWE-295 critical	9.1
2018-10-19	CVE-2018-18284	Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. local low complexity artifex debian canonical redhat pulsesecure	8.6
2018-09-05	CVE-2018-16513	Incorrect Type Conversion or Cast vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact. local low complexity artifex debian canonical pulsesecure CWE-704	7.8