Vulnerabilities > Pulsesecure > Pulse Secure Desktop Client > 9.0r1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-28 | CVE-2020-8254 | Path Traversal vulnerability in Pulsesecure Pulse Secure Desktop Client A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. | 6.8 |
| 2020-10-28 | CVE-2020-8240 | Unspecified vulnerability in Pulsesecure Pulse Secure Desktop Client A vulnerability in the Pulse Secure Desktop Client < 9.1R9 allows a restricted user on an endpoint machine can use system-level privileges if the Embedded Browser is configured with Credential Provider. local pulsesecure | 6.9 |
| 2019-04-12 | CVE-2019-11213 | Session Fixation vulnerability in multiple products In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. | 8.1 |
| 2018-09-06 | CVE-2018-16261 | Improper Certificate Validation vulnerability in Pulsesecure Pulse Secure Desktop Client In Pulse Secure Pulse Desktop Client 5.3RX before 5.3R5 and 9.0R1, there is a Privilege Escalation Vulnerability with Dynamic Certificate Trust. | 4.6 |
| 2018-09-06 | CVE-2018-15749 | Use of Externally-Controlled Format String vulnerability in Pulsesecure Pulse Secure Desktop Client The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability. | 2.1 |
| 2018-09-06 | CVE-2018-15726 | OS Command Injection vulnerability in Pulsesecure Pulse Secure Desktop Client The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Privilege Escalation Vulnerability. | 4.6 |