Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
palo alto networks vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2012-4043
Cross-site scripting (XSS) vulnerability in global-protect/login.esp in Palo Alto Networks Global Protect Portal, Global Protect Gateway, and SSL VPN portals 3.1.x up to and including 3.1.11 and 4.0.x up to and including 4.0.5 allows remote malicious users to inject arbitrary web...
Palo Alto Networks Global Protect Portal
Palo Alto Global Protected Gateway 3.1.11
Palo Alto Global Protected Gateway 3.1
Palo Alto Global Protected Gateway 4.0
Palo Alto Ssl Vpn 4.0.5
Palo Alto Global Protected Gateway 4.0.5
Palo Alto Ssl Vpn 3.1
Palo Alto Ssl Vpn 3.1.11
Palo Alto Ssl Vpn 4.0
435
VMScore
CVE-2010-0475
Cross-site scripting (XSS) vulnerability in esp/editUser.esp in the Palo Alto Networks firewall 3.0.x prior to 3.0.9 and 3.1.x prior to 3.1.1 allows remote malicious users to inject arbitrary web script or HTML via the role parameter.
Palo Alto Networks Firewall
1 EDB exploit
435
VMScore
CVE-2015-2223
Multiple cross-site scripting (XSS) vulnerabilities in the web-based console management interface in Palo Alto Networks Traps (formerly Cyvera Endpoint Protection) 3.1.2.1546 allow remote malicious users to inject arbitrary web script or HTML via the (1) Arguments, (2) FileName, ...
Palo Alto Networks Traps 3.1.2.1546
1 EDB exploit
470
VMScore
CVE-2016-9151
Palo Alto Networks PAN-OS prior to 5.0.20, 5.1.x prior to 5.1.13, 6.0.x prior to 6.0.15, 6.1.x prior to 6.1.15, 7.0.x prior to 7.0.11, and 7.1.x prior to 7.1.6 allows local users to gain privileges via crafted values of unspecified environment variables.
Paloaltonetworks Pan-os
2 EDB exploits
761
VMScore
CVE-2017-15944
Palo Alto Networks PAN-OS prior to 6.1.19, 7.0.x prior to 7.0.19, 7.1.x prior to 7.1.14, and 8.0.x prior to 8.0.6 allows remote malicious users to execute arbitrary code via vectors involving the management interface.
Paloaltonetworks Pan-os
2 EDB exploits
3 Github repositories
465
VMScore
CVE-2017-5329
Palo Alto Networks Terminal Services Agent prior to 7.0.7 allows local users to gain privileges via vectors that trigger an out-of-bounds write operation.
Paloaltonetworks Terminal Services Agent
1 EDB exploit
1000
VMScore
CVE-2016-9150
Buffer overflow in the management web interface in Palo Alto Networks PAN-OS prior to 5.0.20, 5.1.x prior to 5.1.13, 6.0.x prior to 6.0.15, 6.1.x prior to 6.1.15, 7.0.x prior to 7.0.11, and 7.1.x prior to 7.1.6 allows remote malicious users to execute arbitrary code via unspecifi...
Paloaltonetworks Pan-os
1 EDB exploit
NA
CVE-2024-34000
Palo Alto Networks fixes zero-day exploited to backdoor firewalls
4 Articles
NA
CVE-2024-3400
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated malicious user to execute arbitrary code with...
Paloaltonetworks Pan-os 10.2.7
Paloaltonetworks Pan-os 10.2.2
Paloaltonetworks Pan-os 10.2.6
Paloaltonetworks Pan-os 10.2.5
Paloaltonetworks Pan-os 10.2.3
Paloaltonetworks Pan-os 10.2.4
Paloaltonetworks Pan-os 10.2.1
Paloaltonetworks Pan-os 10.2.0
Paloaltonetworks Pan-os 10.2.9
Paloaltonetworks Pan-os 11.1.1
Paloaltonetworks Pan-os 11.0.2
Paloaltonetworks Pan-os 11.1.0
Paloaltonetworks Pan-os 11.1.2
Paloaltonetworks Pan-os 11.0.4
Paloaltonetworks Pan-os 11.0.3
Paloaltonetworks Pan-os 11.0.0
Paloaltonetworks Pan-os 11.0.1
Paloaltonetworks Pan-os 10.2.8
42 Github repositories
7 Articles
445
VMScore
CVE-2020-2039
An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. It is possible for an malicious use...
Paloaltonetworks Pan-os
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »