Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
globalprotect vulnerabilities and exploits
(subscribe to this query)
1.9
CVSSv2
CVE-2019-1573
GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and previous versions for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and repl...
Paloaltonetworks Globalprotect
1.7
CVSSv2
CVE-2020-2004
Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on GlobalProtect app (also known as GlobalProtect Agent) for MacOS and Windows. For this issue to occur all of these conditi...
Paloaltonetworks Globalprotect
5.8
CVSSv2
CVE-2012-6606
Palo Alto Networks GlobalProtect prior to 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof portal servers and obtain sensitive information via a crafted certificate.
Paloaltonetworks Netconnect -
Paloaltonetworks Globalprotect
1 Github repository
NA
CVE-2024-2431
An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode.
10
CVSSv2
CVE-2021-3064
A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based malicious user to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have ...
Paloaltonetworks Pan-os
1 Github repository
1 Article
NA
CVE-2024-2432
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition.
1 Github repository
4.3
CVSSv2
CVE-2018-10139
The PAN-OS response for GlobalProtect Gateway in Palo Alto Networks PAN-OS 6.1.21 and previous versions, PAN-OS 7.1.18 and previous versions, PAN-OS 8.0.11 and previous versions may allow an unauthenticated malicious user to inject arbitrary JavaScript or HTML. PAN-OS 8.1 is NOT ...
Paloaltonetworks Pan-os
NA
CVE-2024-3388
A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated malicious user to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the malicious user to receive response pa...
4.3
CVSSv2
CVE-2017-15941
Cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS prior to 6.1.19, 7.0.x prior to 7.0.19, 7.1.x prior to 7.1.14, and 8.0.x prior to 8.0.7, when the GlobalProtect gateway or portal is configured, allows remote malicious users to inject arbitrary web script or H...
Paloaltonetworks Pan-os
4.3
CVSSv2
CVE-2018-10141
GlobalProtect Portal Login page in Palo Alto Networks PAN-OS prior to 8.1.4 allows an unauthenticated malicious user to inject arbitrary JavaScript or HTML.
Paloaltonetworks Pan-os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »