CVE-2024-55661

< 1.3.1

Laravel Pulse is a real-time application performance monitoring tool and dashboard for Laravel applications. A vulnerability has b

8.8HIGH

CVE-2022-21826

< 9.1

Pulse Secure version 9.115 and below may be susceptible to client-side http request smuggling, When the application receives a POS

5.4MEDIUM

CVE-2021-44720

< 9.1

In Ivanti Pulse Secure Pulse Connect Secure (PCS) before 9.1R12, the administrator password is stored in the HTML source code of t

7.2HIGH

CVE-2021-22965

< 9.1

A vulnerability in Pulse Connect Secure before 9.1R12.1 could allow an unauthenticated administrator to causes a denial of service

7.5HIGH

CVE-2021-22938

< 9.1

A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform command injection via

7.2HIGH

CVE-2021-22937

< 9.1

A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform a file write via a mal

7.2HIGH

CVE-2021-22936

< 9.1

A vulnerability in Pulse Connect Secure before 9.1R12 could allow a threat actor to perform a cross-site script attack against an

6.1MEDIUM

CVE-2021-22935

< 9.1

A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform command injection via

7.2HIGH

CVE-2021-22934

< 9.1

A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator or compromised Pulse Connect Secu

7.2HIGH

CVE-2021-22933

< 9.1

A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform an arbitrary file dele

6.5MEDIUM

CVE-2021-22908

all versions

A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges

8.8HIGH

CVE-2021-22900

<= 9.1

A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4 that could lead to an authenticated

7.2HIGH

CVE-2020-8262

< 9.1

A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow attackers to conduct Cross-Site Scriptin

6.1MEDIUM

CVE-2020-8261

< 9.1

A vulnerability in the Pulse Connect Secure / Pulse Policy Secure < 9.1R9 is vulnerable to arbitrary cookie injection.

4.3MEDIUM

CVE-2020-15352

<= 9.0

An XML external entity (XXE) vulnerability in Pulse Connect Secure (PCS) before 9.1R9 and Pulse Policy Secure (PPS) before 9.1R9 a

7.2HIGH

CVE-2020-8256

<= 9.0

A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to gain arbitrary

4.9MEDIUM

CVE-2020-8238

<= 9.0

A vulnerability in the authenticated user web interface of Pulse Connect Secure and Pulse Policy Secure < 9.1R8.2 could allow atta

6.1MEDIUM

CVE-2020-8222

<= 9.0

A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 that allowed an authenticated attacker via the administrator

6.8MEDIUM

CVE-2020-8221

<= 9.0

A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 which allows an authenticated attacker to read arbitrary file

4.9MEDIUM

CVE-2020-8220

<= 9.0

A denial of service vulnerability exists in Pulse Connect Secure <9.1R8 that allows an authenticated attacker to perform command i

6.5MEDIUM

CVE-2020-8219

<= 9.0

An insufficient permission check vulnerability exists in Pulse Connect Secure <9.1R8 that allows an attacker to change the passwor

7.2HIGH

CVE-2020-8217

<= 9.0

A cross site scripting (XSS) vulnerability in Pulse Connect Secure <9.1R8 allowed attackers to exploit in the URL used for Citrix

5.4MEDIUM

CVE-2020-8216

<= 9.0

An information disclosure vulnerability in meeting of Pulse Connect Secure <9.1R8 allowed an authenticated end-users to find meeti

4.3MEDIUM

CVE-2020-8206

<= 9.0

An improper authentication vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker with a users primary creden

8.1HIGH

CVE-2020-8204

<= 9.0

A cross site scripting (XSS) vulnerability exists in Pulse Connect Secure <9.1R5 on the PSAL Page.

6.1MEDIUM

CVE-2020-15408

<= 9.1

An issue was discovered in Pulse Secure Pulse Connect Secure before 9.1R8. An authenticated attacker can access the admin page con

3.7LOW

CVE-2020-12880

<= 9.0

An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. By manipulatin

5.5MEDIUM

CVE-2020-11582

<= 2020-04-06

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS,

8.8HIGH

CVE-2020-11581

<= 2020-04-06

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS,

8.1HIGH

CVE-2020-11580

<= 2020-04-06

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS,

9.1CRITICAL

CVE-2019-11508

all versions

In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an au

7.2HIGH

CVE-2019-11543

all versions

XSS exists in the admin web console in Pulse Secure Pulse Connect Secure (PCS) 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, and 8.1

6.1MEDIUM

CVE-2019-11542

all versions

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8

7.2HIGH

CVE-2019-11541

all versions

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, and 8.2RX before 8.2R12.1, users using SA

7.5HIGH

CVE-2019-11540

all versions

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4 and 8.3RX before 8.3R7.1 and Pulse Policy Secure version 9.0RX b

9.8CRITICAL

CVE-2019-11213

>= 8.1r1.0 and <= 8.1r14.0

In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, an

8.1HIGH

CVE-2018-18284

>= 8.2r1.0 and < 8.2r12.1

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy o

8.6HIGH

CVE-2018-6320

all versions

A vulnerability has been discovered in login.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1RX before 8.1R12 and 8.3RX before 8

9.8CRITICAL

CVE-2018-14366

all versions

download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 and 8.3RX before 8.3R4 and Pulse Policy Secure through 5.2RX

6.1MEDIUM

CVE-2018-16513

>= 8.2r1.0 and < 8.2r12.1

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor f

7.8HIGH

CVE-2018-15911

>= 8.2r1.0 and < 8.2r12.1

In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access i

7.8HIGH

CVE-2018-15910

>= 8.2r1.0 and < 8.2r12.1

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistil

7.8HIGH

CVE-2018-15909

>= 8.2r1.0 and < 8.2r12.1

In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supp

7.8HIGH

CVE-2018-9849

>= 8.1 and < 8.1r14

Pulse Secure Pulse Connect Secure 8.1.x before 8.1R14, 8.2.x before 8.2R11, and 8.3.x before 8.3R5 do not properly process nested

5.5MEDIUM

CVE-2018-5299

>= 8.3r1 and <= 8.3r3

A stack-based Buffer Overflow Vulnerability exists in the web server in Pulse Secure Pulse Connect Secure (PCS) before 8.3R4 and P

9.8CRITICAL

CVE-2017-17947

< 8.0r17.0

A cross site scripting issue has been found in custompage.cgi in Pulse Secure Pulse Connect Secure (PCS) before 8.0R17.0, 8.1.x be

4.8MEDIUM

CVE-2017-11455

all versions

diag.cgi in Pulse Connect Secure 8.2R1 through 8.2R5, 8.1R1 through 8.1R10 and Pulse Policy Secure 5.3R1 through 5.3R5, 5.2R1 thro

8.8HIGH

CVE-2017-11196

all versions

Pulse Connect Secure 8.3R1 has CSRF in logout.cgi. The logout function of the admin panel is not protected by any CSRF tokens, thu

8.8HIGH

CVE-2017-11195

all versions

Pulse Connect Secure 8.3R1 has Reflected XSS in launchHelp.cgi. The helpLaunchPage parameter is reflected in an IFRAME element, if

6.1MEDIUM

CVE-2017-11194

all versions

Pulse Connect Secure 8.3R1 has Reflected XSS in adminservercacertdetails.cgi. In the admin panel, the certid parameter of adminser

6.1MEDIUM

CVE-2017-11193

all versions

Pulse Connect Secure 8.3R1 has CSRF in diag.cgi. In the panel, the diag.cgi file is responsible for running commands such as ping,

8.8HIGH

CVE-2016-4791

all versions

The administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 befo

8.6HIGH

CVE-2016-4790

all versions

Cross-site scripting (XSS) vulnerability in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1

5.5MEDIUM

CVE-2016-4789

all versions

Cross-site scripting (XSS) vulnerability in the system configuration section in the administrative user interface in Pulse Connect

6.1MEDIUM

CVE-2016-4788

all versions

Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers t

5.8MEDIUM

CVE-2016-4787

all versions

Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers t

10.0CRITICAL

CVE-2016-4786

all versions

Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r3, 8.0 before 8.0r11, and 7.4 before 7.4r13.4 allow remote attackers t

7.5HIGH

CVE-2016-3985

all versions

The Terminal Services Remote Desktop Protocol (RDP) client session restrictions feature in Pulse Connect Secure (aka PCS) 8.1R7 an

6.5MEDIUM