Vulnerabilities > Pulsesecure > Pulse Secure Desktop Client > 5.3r6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-28 | CVE-2020-8254 | Path Traversal vulnerability in Pulsesecure Pulse Secure Desktop Client A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. | 8.8 |
2020-10-28 | CVE-2020-8240 | Unspecified vulnerability in Pulsesecure Pulse Secure Desktop Client A vulnerability in the Pulse Secure Desktop Client < 9.1R9 allows a restricted user on an endpoint machine can use system-level privileges if the Embedded Browser is configured with Credential Provider. | 7.8 |
2019-04-12 | CVE-2019-11213 | Session Fixation vulnerability in multiple products In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. | 8.1 |
2018-11-29 | CVE-2018-11002 | Incorrect Permission Assignment for Critical Resource vulnerability in Pulsesecure Pulse Secure Desktop Client Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on Windows has Insecure Permissions. | 5.5 |