Vulnerabilities > Pulsesecure > Pulse Secure Desktop Client
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-28 | CVE-2020-8263 | Cross-site Scripting vulnerability in Pulsesecure Pulse Secure Desktop Client 9.1 A vulnerability in the authenticated user web interface of Pulse Connect Secure < 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) through the CGI file. | 5.4 |
| 2020-10-28 | CVE-2020-8260 | Unrestricted Upload of File with Dangerous Type vulnerability in Pulsesecure Pulse Secure Desktop Client 9.1 A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction. | 7.2 |
| 2020-10-28 | CVE-2020-8255 | Unspecified vulnerability in Pulsesecure Pulse Secure Desktop Client 9.1 A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary file reading vulnerability is fixed using encrypted URL blacklisting that prevents these messages. | 4.9 |
| 2020-10-28 | CVE-2020-8254 | Path Traversal vulnerability in Pulsesecure Pulse Secure Desktop Client A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. | 8.8 |
| 2020-10-28 | CVE-2020-8250 | Unspecified vulnerability in Pulsesecure Pulse Secure Desktop Client 9.1 A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege. | 7.8 |
| 2020-10-28 | CVE-2020-8249 | Classic Buffer Overflow vulnerability in Pulsesecure Pulse Secure Desktop Client 9.1 A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to perform buffer overflow. | 7.8 |
| 2020-10-28 | CVE-2020-8248 | Unspecified vulnerability in Pulsesecure Pulse Secure Desktop Client 9.1 A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege. | 7.8 |
| 2020-10-28 | CVE-2020-8241 | Unspecified vulnerability in Pulsesecure Pulse Secure Desktop Client 9.1 A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the attacker to perform a MITM Attack if end users are convinced to connect to a malicious server. | 7.5 |
| 2020-10-28 | CVE-2020-8240 | Unspecified vulnerability in Pulsesecure Pulse Secure Desktop Client A vulnerability in the Pulse Secure Desktop Client < 9.1R9 allows a restricted user on an endpoint machine can use system-level privileges if the Embedded Browser is configured with Credential Provider. | 7.8 |
| 2020-10-28 | CVE-2020-8239 | Unspecified vulnerability in Pulsesecure Pulse Secure Desktop Client 9.1 A vulnerability in the Pulse Secure Desktop Client < 9.1R9 is vulnerable to the client registry privilege escalation attack. | 9.8 |