CVE-2018-16261

In Pulse Secure Pulse Desktop Client 5.3RX before 5.3R5 and 9.0R1, there is a Privilege Escalation Vulnerability with Dynamic Certificate Trust.

Publication date: Fri, 07 Sep 2018 04:29:00 +0000

Cyber News related to CVE-2018-16261

CVE-2018-1000672 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16391, CVE-2018-16392, CVE-2018-16393, CVE-2018-16418, CVE-2018-16419, CVE-2018-16420, CVE-2018-16421, CVE-2018-16422, CVE-2018-16423, CVE-2018-16424, CVE-2018-16425, ...
55 years ago Tenable.com

CVE-2018-16261 - In Pulse Secure Pulse Desktop Client 5.3RX before 5.3R5 and 9.0R1, there is a Privilege Escalation Vulnerability with Dynamic Certificate Trust. ...
5 years ago

CVE-2019-16261 - Tripp Lite PDUMH15AT 12.04.0053 devices allow unauthenticated POST requests to the /Forms/ directory, as demonstrated by changing the manager or admin password, or shutting off power to an outlet. NOTE: the vendor's position is that a newer ...
5 years ago

CVE-2020-16261 - Winston 1.5.4 devices allow a U-Boot interrupt, resulting in local root access. ...
3 years ago

CVE-2017-16261 - Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based ...
2 years ago

CVE-2018-0912 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0923 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0916 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0914 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0921 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0909 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0911 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0947 - Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0917 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0910 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0944 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0913 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0769 - Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
4 years ago

CVE-2018-0778 - Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID ...
4 years ago

CVE-2018-0773 - Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID ...
4 years ago

CVE-2018-0772 - Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 ...
4 years ago

CVE-2018-0758 - Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
4 years ago

CVE-2018-0781 - Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
4 years ago

CVE-2018-0770 - Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
4 years ago

CVE-2018-0860 - Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption ...
4 years ago

Latest Cyber News

Russian Hackers Leverages Weaponized Microsoft Key Management Service (KMS) To Hack Windows Systems - 12 minutes ago
New Malware Exploiting Outlook As a Communication Channel via The Microsoft Graph API - 40 minutes ago
Have I Been Pwned likely to Ban Resellers - 1 hour ago
Path Confusion in Nginx/Apache Leads to Critical Auth Bypass in PAN-OS - 1 hour ago
Amazon Machine Image Name Confusion Attack Let Attackers Publish Resource - 1 hour ago
KASLR Exploited: Breaking macOS Apple Silicon Kernel Hardening Techniques - 2 hours ago
Hackers Using Pyramid Pentesting Tool For Stealthy C2 Communications - 3 hours ago
BadPilot Attacking Network Devices To Expand Russian Seashell Blizzard's Attacks - 4 hours ago
CrowdStrike Falcon Sensor for Linux TLS Vulnerability Enabling MiTM Attack - 6 hours ago
Massive IoT Data Breach Exposes 2.7 Billion Records, Including Wi-Fi Passwords - 7 hours ago
PAN-OS Vulnerability Let Attackers Bypass Web Interface Authentication - 8 hours ago
Chrome use-after-free Vulnerability Let Attackers Execute Code Remotely - 8 hours ago
Japan Goes on Offense With New 'Active Cyber Defense' Bill - 9 hours ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 11 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 11 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 12 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 12 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 13 hours ago
Feds Sanction Russian Hosting Provider Over LockBit Attacks - 15 hours ago
Sarcoma ransomware claims breach at giant PCB maker Unimicron - 15 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Russian Hackers Leverages Weaponized Microsoft Key Management Service (KMS) To Hack Windows Systems - 12 minutes ago
New Malware Exploiting Outlook As a Communication Channel via The Microsoft Graph API - 40 minutes ago
Have I Been Pwned likely to Ban Resellers - 1 hour ago
Path Confusion in Nginx/Apache Leads to Critical Auth Bypass in PAN-OS - 1 hour ago
Amazon Machine Image Name Confusion Attack Let Attackers Publish Resource - 1 hour ago
KASLR Exploited: Breaking macOS Apple Silicon Kernel Hardening Techniques - 2 hours ago
Hackers Using Pyramid Pentesting Tool For Stealthy C2 Communications - 3 hours ago
BadPilot Attacking Network Devices To Expand Russian Seashell Blizzard's Attacks - 4 hours ago
CrowdStrike Falcon Sensor for Linux TLS Vulnerability Enabling MiTM Attack - 6 hours ago
Massive IoT Data Breach Exposes 2.7 Billion Records, Including Wi-Fi Passwords - 7 hours ago
PAN-OS Vulnerability Let Attackers Bypass Web Interface Authentication - 8 hours ago
Chrome use-after-free Vulnerability Let Attackers Execute Code Remotely - 8 hours ago
Japan Goes on Offense With New 'Active Cyber Defense' Bill - 9 hours ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 11 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 11 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 12 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 12 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 13 hours ago
US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap | The Record from Recorded Future News - 15 hours ago
BadPilot network hacking campaign fuels Russian SandWorm attacks - 18 hours ago