Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
palo alto networks vulnerabilities and exploits
(subscribe to this query)
6.3
CVSSv3
CVE-2023-0006
A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race condition.
Paloaltonetworks Globalprotect 6.1.0
Paloaltonetworks Globalprotect
NA
CVE-2007-2768
OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote malicious users to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issu...
Openbsd Openssh
Netapp Hci Management Node -
Netapp Solidfire -
Netapp Steelstore Cloud Integrated Storage -
Netapp Hci Storage Node -
6.5
CVSSv3
CVE-2022-0011
PAN-OS software provides options to exclude specific websites from URL category enforcement and those websites are blocked or allowed (depending on your rules) regardless of their associated URL category. This is done by creating a custom URL category list or by using an external...
Paloaltonetworks Pan-os
Paloaltonetworks Prisma Access 2.1
Paloaltonetworks Prisma Access 2.2
5.5
CVSSv3
CVE-2022-0013
A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local malicious user to read the contents of arbitrary files on the system with elevated privileges when generating a support file. This issue impacts: Cortex XDR agent 5.0 ...
Paloaltonetworks Cortex Xdr Agent
7.3
CVSSv3
CVE-2022-0014
An untrusted search path vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker with file creation privilege in the Windows root directory (such as C:\) to store a program that can then be unintentionally executed by another local user when ...
Paloaltonetworks Cortex Xdr Agent
7.8
CVSSv3
CVE-2022-0016
An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app that enables a local malicious user to escalate to SYSTEM or root privileges when authenticating with Connect Before Logon under...
Paloaltonetworks Globalprotect
6.5
CVSSv3
CVE-2022-0018
An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the local user account are sent to the GlobalProtect portal when the Single Sign-On feature is enabled in the GlobalProtect portal configuration....
Paloaltonetworks Globalprotect
5.5
CVSSv3
CVE-2022-0019
An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other local users on the system. Th...
Paloaltonetworks Globalprotect
4.4
CVSSv3
CVE-2022-0022
Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal (non-...
Paloaltonetworks Pan-os
5.9
CVSSv3
CVE-2022-0023
An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of Palo Alto Networks PAN-OS software that enables a meddler-in-the-middle (MITM) to send specifically crafted traffic to the firewall that causes the service to restart unexpectedly. Rep...
Paloaltonetworks Pan-os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »