Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks globalprotect vulnerabilities and exploits
(subscribe to this query)
6.3
CVSSv3
CVE-2023-0006
A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race condition.
Paloaltonetworks Globalprotect 6.1.0
Paloaltonetworks Globalprotect
7.8
CVSSv3
CVE-2023-0009
A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges.
Paloaltonetworks Globalprotect 6.1.0
Paloaltonetworks Globalprotect
8.1
CVSSv3
CVE-2021-3057
A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle malicious user to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 vers...
Paloaltonetworks Globalprotect
Paloaltonetworks Globalprotect 5.0
NA
CVE-2012-6606
Palo Alto Networks GlobalProtect prior to 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof portal servers and obtain sensitive information via a crafted certificate.
Paloaltonetworks Netconnect -
Paloaltonetworks Globalprotect
1 Github repository
7.8
CVSSv3
CVE-2022-0016
An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app that enables a local malicious user to escalate to SYSTEM or root privileges when authenticating with Connect Before Logon under...
Paloaltonetworks Globalprotect
7.8
CVSSv3
CVE-2022-0017
An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a local malicious user to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges un...
Paloaltonetworks Globalprotect
6.5
CVSSv3
CVE-2022-0018
An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the local user account are sent to the GlobalProtect portal when the Single Sign-On feature is enabled in the GlobalProtect portal configuration....
Paloaltonetworks Globalprotect
5.5
CVSSv3
CVE-2019-17435
A Local Privilege Escalation vulnerability exists in the GlobalProtect Agent for Windows 5.0.3 and previous versions, and GlobalProtect Agent for Windows 4.1.12 and previous versions, in which the auto-update feature can allow for modification of a GlobalProtect Agent MSI install...
Paloaltonetworks Globalprotect
7.1
CVSSv3
CVE-2019-17436
A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and previous versions and version 4.1.12 and previous versions, that can allow non-root users to overwrite root files on the file system.
Paloaltonetworks Globalprotect
3.3
CVSSv3
CVE-2020-1987
An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to "Dump". This issue affects Palo Alto Networks Glob...
Paloaltonetworks Globalprotect
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »