Filtered by vendor Ivanti
Subscriptions
Filtered by product Connect Secure
Subscriptions
Total
107 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20808 | 1 Ivanti | 1 Connect Secure | 2024-11-21 | N/A |
| An XSS issue has been found with rd.cgi in Pulse Secure Pulse Connect Secure 8.3RX before 8.3R3 due to improper header sanitization. This is not applicable to 8.1RX. | ||||
| CVE-2018-20807 | 1 Ivanti | 1 Connect Secure | 2024-11-21 | N/A |
| An XSS issue has been found in welcome.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1.x before 8.1R12, 8.2.x before 8.2R9, and 8.3.x before 8.3R3 due to one of the URL parameters not being sanitized properly. | ||||
| CVE-2018-14366 | 2 Ivanti, Pulsesecure | 3 Connect Secure, Pulse Connect Secure, Pulse Policy Secure | 2024-11-21 | N/A |
| download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 and 8.3RX before 8.3R4 and Pulse Policy Secure through 5.2RX before 5.2R10 and 5.4RX before 5.4R4 have an Open Redirect Vulnerability. | ||||
| CVE-2024-47909 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2024-11-19 | 4.9 Medium |
| A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service. | ||||
| CVE-2024-47907 | 1 Ivanti | 1 Connect Secure | 2024-11-18 | 7.5 High |
| A stack-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service. | ||||
| CVE-2024-47905 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2024-11-18 | 4.9 Medium |
| A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service. | ||||
| CVE-2024-37404 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2024-10-21 | N/A |
| Improper Input Validation in the admin portal of Ivanti Connect Secure before 22.7R2.1 and 9.1R18.9, or Ivanti Policy Secure before 22.7R1.1 allows a remote authenticated attacker to achieve remote code execution. | ||||