U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:pulsesecure:pulse_connect_secure:9.0r3.2:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 26 matching records.
Displaying matches 21 through 26.
Vuln ID Summary CVSS Severity
CVE-2019-11539

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin web interface allows an authenticated attacker to inject and execute commands.

Published: April 25, 2019; 10:29:00 PM -0400 		V4.0:(not available)
 V3.1: 7.2 HIGH
V2.0: 6.5 MEDIUM
CVE-2018-18284

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.

Published: October 19, 2018; 6:29:01 PM -0400 		V4.0:(not available)
 V3.0: 8.6 HIGH
V2.0: 6.8 MEDIUM
CVE-2018-16513

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.

Published: September 05, 2018; 9:29:00 AM -0400 		V4.0:(not available)
 V3.0: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2018-15911

In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code.

Published: August 28, 2018; 12:29:00 AM -0400 		V4.0:(not available)
 V3.0: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2018-15910

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code.

Published: August 27, 2018; 1:29:00 PM -0400 		V4.0:(not available)
 V3.0: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2018-15909

In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code.

Published: August 27, 2018; 1:29:00 PM -0400 		V4.0:(not available)
 V3.0: 7.8 HIGH
V2.0: 6.8 MEDIUM