Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pan-os vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2020-2050
An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an malicious user to bypass all client certificate checks with an invalid certificate. A remote attacker can successfully authenticate as any use...
Paloaltonetworks Pan-os
561
VMScore
CVE-2012-6597
Palo Alto Networks PAN-OS prior to 3.1.11 and 4.0.x prior to 4.0.9 allows remote authenticated users to cause a denial of service (management-server crash) by using the command-line interface for a crafted command, aka Ref ID 35254.
Paloaltonetworks Pan-os 4.0.0
Paloaltonetworks Pan-os 4.0.1
Paloaltonetworks Pan-os 4.0.6
Paloaltonetworks Pan-os 4.0.7
Paloaltonetworks Pan-os 4.0.8
Paloaltonetworks Pan-os 3.1.9
Paloaltonetworks Pan-os 4.0.2
Paloaltonetworks Pan-os 4.0.4
Paloaltonetworks Pan-os 4.0.3
Paloaltonetworks Pan-os 4.0.5
Paloaltonetworks Pan-os
535
VMScore
CVE-2022-31626
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow ...
Php Php
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories
534
VMScore
CVE-2021-3062
An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for VM-Series firewalls hosted on Amazon AWS. Exploitation of this vulnerability enable...
Paloaltonetworks Pan-os
516
VMScore
CVE-2020-12321
Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
Intel Dual Band Wireless-ac 3168 Firmware
Intel Dual Band Wireless-ac 8260 Firmware
Intel Dual Band Wireless-ac 8265 Firmware
Intel Wi-fi 6 Ax200 Firmware
Intel Wi-fi 6 Ax201 Firmware
Intel Wireless-ac 9260 Firmware
Intel Wireless-ac 9461 Firmware
Intel Wireless-ac 9462 Firmware
Intel Wireless-ac 9560 Firmware
Intel Wireless 7265 \\(rev D\\) Firmware
Intel Dual Band Wireless-ac 3165 Firmware
516
VMScore
CVE-2020-1982
Certain communication between PAN-OS and cloud-delivered services inadvertently use TLS 1.0, which is known to be a cryptographically weak protocol. These cloud services include Cortex Data Lake, the Customer Support Portal, and the Prisma Access infrastructure. Conditions requir...
Paloaltonetworks Pan-os
516
VMScore
CVE-2020-1997
An open redirection vulnerability in the GlobalProtect component of Palo Alto Networks PAN-OS allows an malicious user to specify an arbitrary redirection target away from the trusted GlobalProtect gateway. If the user then successfully authenticates it will cause them to access ...
Paloaltonetworks Pan-os
490
VMScore
CVE-2020-1993
The GlobalProtect Portal feature in PAN-OS does not set a new session identifier after a successful user login, which allows session fixation attacks, if an attacker is able to control a user's session ID. This issue affects: All PAN-OS 7.1 and 8.0 versions; PAN-OS 8.1 versi...
Paloaltonetworks Pan-os
470
VMScore
CVE-2016-9151
Palo Alto Networks PAN-OS prior to 5.0.20, 5.1.x prior to 5.1.13, 6.0.x prior to 6.0.15, 6.1.x prior to 6.1.15, 7.0.x prior to 7.0.11, and 7.1.x prior to 7.1.6 allows local users to gain privileges via crafted values of unspecified environment variables.
Paloaltonetworks Pan-os
2 EDB exploits
454
VMScore
CVE-2020-2022
An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. This vulnerabi...
Paloaltonetworks Pan-os
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »