Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
palo alto networks vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2022-0022
Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal (non-...
Paloaltonetworks Pan-os
4.3
CVSSv2
CVE-2022-0023
An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of Palo Alto Networks PAN-OS software that enables a meddler-in-the-middle (MITM) to send specifically crafted traffic to the firewall that causes the service to restart unexpectedly. Rep...
Paloaltonetworks Pan-os
7.2
CVSSv2
CVE-2022-0026
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This ...
Paloaltonetworks Cortex Xdr Agent 6.1
Paloaltonetworks Cortex Xdr Agent 6.1.4
Paloaltonetworks Cortex Xdr Agent 6.1.5
Paloaltonetworks Cortex Xdr Agent 6.1.6
Paloaltonetworks Cortex Xdr Agent 6.1.7
Paloaltonetworks Cortex Xdr Agent 6.1.8
Paloaltonetworks Cortex Xdr Agent 6.1.9
Paloaltonetworks Cortex Xdr Agent 7.4.4
Paloaltonetworks Cortex Xdr Agent 7.4.3
Paloaltonetworks Cortex Xdr Agent 7.4.2
Paloaltonetworks Cortex Xdr Agent 7.4.1
Paloaltonetworks Cortex Xdr Agent 7.5.1
Paloaltonetworks Cortex Xdr Agent 7.5.2
Paloaltonetworks Cortex Xdr Agent 7.5.3
Paloaltonetworks Cortex Xdr Agent 7.6.1
Paloaltonetworks Cortex Xdr Agent 7.6.2
Paloaltonetworks Cortex Xdr Agent 7.7
Paloaltonetworks Cortex Xdr Agent 7.7.1
Paloaltonetworks Cortex Xdr Agent 7.5
9
CVSSv2
CVE-2017-15940
The web interface packet capture management component in Palo Alto Networks PAN-OS prior to 6.1.19, 7.0.x prior to 7.0.19, 7.1.x prior to 7.1.14, and 8.0.x prior to 8.0.6 allows remote authenticated users to execute arbitrary code via unspecified vectors.
Paloaltonetworks Pan-os
NA
CVE-2018-121305
PAN-SA-2019-0012 Information about Recent Intel Side Channel Vulnerabilities
3.6
CVSSv2
CVE-2022-0012
An improper link resolution before file access vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables a local user to delete arbitrary system files and impact the system integrity or cause a denial of service condition. This issue impact...
Paloaltonetworks Cortex Xdr Agent
2.1
CVSSv2
CVE-2022-0013
A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local malicious user to read the contents of arbitrary files on the system with elevated privileges when generating a support file. This issue impacts: Cortex XDR agent 5.0 ...
Paloaltonetworks Cortex Xdr Agent
4.6
CVSSv2
CVE-2022-0015
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables an authenticated local user to execute programs with elevated privileges. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex ...
Paloaltonetworks Cortex Xdr Agent
6.9
CVSSv2
CVE-2022-0016
An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app that enables a local malicious user to escalate to SYSTEM or root privileges when authenticating with Connect Before Logon under...
Paloaltonetworks Globalprotect
6.9
CVSSv2
CVE-2022-0017
An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a local malicious user to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges un...
Paloaltonetworks Globalprotect
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »