8.2r4.0

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-30	CVE-2020-8216	An information disclosure vulnerability in meeting of Pulse Connect Secure <9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID. network low complexity pulsesecure ivanti	4.3
2020-07-30	CVE-2020-8206	Improper Authentication vulnerability in multiple products An improper authentication vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP. network high complexity pulsesecure ivanti CWE-287	8.1
2020-07-30	CVE-2020-8204	Cross-site Scripting vulnerability in multiple products A cross site scripting (XSS) vulnerability exists in Pulse Connect Secure <9.1R5 on the PSAL Page. network low complexity pulsesecure ivanti CWE-79	6.1
2020-07-28	CVE-2020-15408	Unspecified vulnerability in Pulsesecure Pulse Connect Secure 7.1/7.4 An issue was discovered in Pulse Secure Pulse Connect Secure before 9.1R8. network low complexity pulsesecure	4.6
2020-07-27	CVE-2020-12880	An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. local low complexity pulsesecure ivanti	5.5
2020-04-06	CVE-2020-11582	Exposure of Resource to Wrong Sphere vulnerability in Pulsesecure Pulse Connect Secure 7.1/7.4 An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. low complexity pulsesecure CWE-668	8.8
2020-04-06	CVE-2020-11581	OS Command Injection vulnerability in Pulsesecure Pulse Connect Secure 7.1/7.4 An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. network high complexity pulsesecure CWE-78	8.1
2020-04-06	CVE-2020-11580	Improper Certificate Validation vulnerability in Pulsesecure Pulse Connect Secure 7.1/7.4 An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. network low complexity pulsesecure CWE-295 critical	9.1
2019-04-26	CVE-2019-11542	Out-of-bounds Write vulnerability in multiple products In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, an authenticated attacker (via the admin web interface) can send a specially crafted message resulting in a stack buffer overflow. network low complexity pulsesecure ivanti CWE-787	7.2
2019-04-26	CVE-2019-11541	In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, and 8.2RX before 8.2R12.1, users using SAML authentication with the Reuse Existing NC (Pulse) Session option may see authentication leaks. network low complexity pulsesecure ivanti	7.5