Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks vulnerabilities and exploits
(subscribe to this query)
6.6
CVSSv2
CVE-2019-17436
A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and previous versions and version 4.1.12 and previous versions, that can allow non-root users to overwrite root files on the file system.
Paloaltonetworks Globalprotect
3.5
CVSSv2
CVE-2019-1571
The Expedition Migration tool 1.1.8 and previous versions may allow an authenticated malicious user to run arbitrary JavaScript or HTML in the RADIUS server settings.
Paloaltonetworks Expedition
6.5
CVSSv2
CVE-2019-1577
Code injection vulnerability in Palo Alto Networks Traps 5.0.5 and previous versions may allow an authenticated malicious user to inject arbitrary JavaScript or HTML.
Paloaltonetworks Traps
4.3
CVSSv2
CVE-2019-1578
Cross-site scripting vulnerability in Palo Alto Networks MineMeld version 0.9.60 and previous versions may allow a remote attacker able to convince an authenticated MineMeld admin to type malicious input in the MineMeld UI could execute arbitrary JavaScript code in the admin&rsqu...
Paloaltonetworks Minemeld
6
CVSSv2
CVE-2019-1583
Escalation of privilege vulnerability in the Palo Alto Networks Twistlock console 19.07.358 and previous versions allows a Twistlock user with Operator capabilities to escalate privileges to that of another user. Active interaction with an affected component is required for the p...
Paloaltonetworks Twistlock
1.9
CVSSv2
CVE-2019-1573
GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and previous versions for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and repl...
Paloaltonetworks Globalprotect
4.6
CVSSv2
CVE-2020-1985
Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows.
Paloaltonetworks Secdo
4.9
CVSSv2
CVE-2020-1986
Improper input validation vulnerability in Secdo allows an authenticated local user with 'create folders or append data' access to the root of the OS disk (C:\) to cause a system crash on every login. This issue affects all versions Secdo for Windows.
Paloaltonetworks Secdo
1.7
CVSSv2
CVE-2020-2004
Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on GlobalProtect app (also known as GlobalProtect Agent) for MacOS and Windows. For this issue to occur all of these conditi...
Paloaltonetworks Globalprotect
NA
CVE-2023-6789
A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface. Then, when viewed by a properly authenticated administrator, the JavaScript payload e...
Paloaltonetworks Pan-os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »