Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pan-os vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2012-6592
Palo Alto Networks PAN-OS prior to 3.1.10 and 4.0.x prior to 4.0.5 allows remote malicious users to execute arbitrary commands via unspecified vectors, aka Ref ID 31091.
Paloaltonetworks Pan-os 4.0.2
Paloaltonetworks Pan-os 4.0.3
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 4.0.4
Paloaltonetworks Pan-os 4.0.1
Paloaltonetworks Pan-os 4.0.0
10
CVSSv2
CVE-2012-6593
Palo Alto Networks PAN-OS prior to 3.1.10 and 4.0.x prior to 4.0.4 allows remote malicious users to execute arbitrary commands via unspecified vectors, aka Ref ID 30088.
Paloaltonetworks Pan-os 4.0.0
Paloaltonetworks Pan-os 4.0.1
Paloaltonetworks Pan-os 4.0.3
Paloaltonetworks Pan-os 4.0.2
Paloaltonetworks Pan-os
10
CVSSv2
CVE-2012-6603
The web management UI in Palo Alto Networks PAN-OS prior to 3.1.12, 4.0.x prior to 4.0.10, and 4.1.x prior to 4.1.4 allows remote malicious users to bypass authentication and obtain administrator privileges via unspecified vectors, aka Ref ID 37034.
Paloaltonetworks Pan-os 4.0.5
Paloaltonetworks Pan-os 4.0.6
Paloaltonetworks Pan-os 4.0.7
Paloaltonetworks Pan-os 4.0.8
Paloaltonetworks Pan-os 4.1.1
Paloaltonetworks Pan-os 4.1.2
Paloaltonetworks Pan-os 4.1.3
Paloaltonetworks Pan-os 4.0.0
Paloaltonetworks Pan-os 4.0.2
Paloaltonetworks Pan-os 4.0.4
Paloaltonetworks Pan-os 3.1.9
Paloaltonetworks Pan-os 3.1.10
Paloaltonetworks Pan-os 4.1.0
Paloaltonetworks Pan-os 4.0.1
Paloaltonetworks Pan-os 4.0.3
Paloaltonetworks Pan-os
9.3
CVSSv2
CVE-2021-3060
An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The at...
Paloaltonetworks Prisma Access 2.1
Paloaltonetworks Pan-os
2 Github repositories
9.3
CVSSv2
CVE-2020-2034
An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based malicious user to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be ...
Paloaltonetworks Pan-os
2 Github repositories
1 Article
9.3
CVSSv2
CVE-2020-2021
When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based malicious...
Paloaltonetworks Pan-os
3 Github repositories
1 Article
9.3
CVSSv2
CVE-2020-2018
An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's management interface to gain privileged access to managed firewalls. An attacker requires some knowledge of managed firewalls to exploit th...
Paloaltonetworks Pan-os
9.3
CVSSv2
CVE-2020-1992
A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote malicious users to crash the daemon creating a denial of service condition or potentially execute code with root privileges. This issue affects P...
Paloaltonetworks Pan-os
9.3
CVSSv2
CVE-2015-6531
Palo Alto Networks Panorama VM Appliance with PAN-OS prior to 6.0.1 might allow remote malicious users to execute arbitrary Python code via a crafted firmware image file.
Paloaltonetworks Pan-os
9
CVSSv2
CVE-2022-0024
A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configu...
Paloaltonetworks Pan-os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »