The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of MAG Series by Pulse Secure

OpenSSL: use after free via PSK Identify Hint
An attacker can force the usage of a freed memory area via PSK Identify Hint of an OpenSSL multi-threaded client, in order to trigger a denial of service, and possibly to run code...
1972951, 1976113, 1976148, 1981612, 2003480, 2003620, 2003673, 9010051, BSA-2016-006, bulletinjan2016, c05398322, CERTFR-2015-AVI-517, cisco-sa-20151204-openssl, cpuoct2017, CVE-2015-3196, DSA-2020-062, DSA-3413-1, FEDORA-2015-d87d60b9a9, FreeBSD-SA-15:26.openssl, HPESBHF03709, JSA10759, NTAP-20151207-0001, openSUSE-SU-2015:2288-1, openSUSE-SU-2015:2289-1, RHSA-2015:2617-01, SA40100, SB10203, SOL12824341, SOL30714460, SOL55540723, SOL86772626, SSA:2015-349-04, USN-2830-1, VIGILANCE-VUL-18437
OpenSSL: information disclosure via X509_ATTRIBUTE
An attacker can read a memory fragment via X509_ATTRIBUTE of OpenSSL processing PKCS#7 or CMS data, in order to obtain sensitive information...
1972951, 1976113, 1976148, 1985739, 2003480, 2003620, 2003673, 9010051, BSA-2016-006, bulletinjan2016, c05398322, CERTFR-2015-AVI-517, CERTFR-2016-AVI-128, cisco-sa-20151204-openssl, cpuapr2017, cpuoct2016, cpuoct2017, CVE-2015-3195, DSA-2020-062, DSA-3413-1, FEDORA-2015-605de37b7f, FEDORA-2015-d87d60b9a9, FreeBSD-SA-15:26.openssl, HPESBHF03709, JSA10733, JSA10759, NTAP-20151207-0001, openSUSE-SU-2015:2288-1, openSUSE-SU-2015:2289-1, openSUSE-SU-2015:2318-1, openSUSE-SU-2015:2349-1, openSUSE-SU-2016:0637-1, openSUSE-SU-2016:0640-1, openSUSE-SU-2016:1327-1, PAN-SA-2016-0020, PAN-SA-2016-0028, RHSA-2015:2616-01, RHSA-2015:2617-01, RHSA-2016:2054-01, RHSA-2016:2055-01, RHSA-2016:2056-01, SA105, SA40100, SB10203, SOL12824341, SOL30714460, SOL55540723, SOL86772626, SSA:2015-349-04, SUSE-SU-2016:0678-1, USN-2830-1, VIGILANCE-VUL-18436
OpenSSL: NULL pointer dereference via Certificate Verification
An attacker can force a NULL pointer to be dereferenced during the certificate verification of OpenSSL (in client or server mode), in order to trigger a denial of service...
1972951, 1976113, 1976148, 1985739, 1986593, 2003480, 2003620, 2003673, 9010051, BSA-2016-006, bulletinjan2016, c05398322, CERTFR-2015-AVI-517, cisco-sa-20151204-openssl, cpuoct2017, CVE-2015-3194, DSA-2020-062, DSA-3413-1, FEDORA-2015-605de37b7f, FEDORA-2015-d87d60b9a9, FreeBSD-SA-15:26.openssl, HPESBHF03709, HT209139, JSA10759, NTAP-20151207-0001, openSUSE-SU-2015:2288-1, openSUSE-SU-2015:2289-1, openSUSE-SU-2015:2318-1, openSUSE-SU-2016:0637-1, openSUSE-SU-2016:1327-1, RHSA-2015:2617-01, SA105, SA40100, SB10203, SOL12824341, SOL30714460, SOL55540723, SOL86772626, SSA:2015-349-04, STORM-2015-017, SUSE-SU-2019:14246-1, USN-2830-1, VIGILANCE-VUL-18435
OpenSSL: disclosure of DH private key via BN_mod_exp
An attacker, with a significant amount of resources, can attack the DH algorithm, in some OpenSSL usages, in order to compute the private key...
1972951, 2003480, 2003620, 2003673, 9010051, BSA-2016-006, bulletinjan2018, c05398322, CERTFR-2015-AVI-517, cisco-sa-20151204-openssl, cpuoct2017, CVE-2015-3193, DSA-2020-062, FEDORA-2015-605de37b7f, HPESBHF03709, JSA10759, NTAP-20151207-0001, SA40100, SB10203, SOL12824341, SOL30714460, SOL55540723, SOL86772626, SSA:2015-349-04, SUSE-SU-2019:14246-1, USN-2830-1, VIGILANCE-VUL-18434
Pulse Secure Connect Secure: Man-in-the-Middle of Hardware Acceleration
An attacker can perform a Man-in-the-Middle when the Hardware Acceleration is enabled on Pulse Secure Connect Secure, in order to read or alter TLS session data...
CVE-2015-5369, SA40004, TSB16756, VIGILANCE-VUL-17547
Our database contains other pages. You can request a free trial to read them.