Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks globalprotect vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2020-2004
Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on GlobalProtect app (also known as GlobalProtect Agent) for MacOS and Windows. For this issue to occur all of these conditi...
Paloaltonetworks Globalprotect
8.8
CVSSv3
CVE-2021-3056
A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated malicious user to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; ...
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 10.0.0
10
CVSSv3
CVE-2024-3400
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated malicious user to execute arbitrary code with...
Paloaltonetworks Pan-os 10.2.7
Paloaltonetworks Pan-os 10.2.2
Paloaltonetworks Pan-os 10.2.6
Paloaltonetworks Pan-os 10.2.5
Paloaltonetworks Pan-os 10.2.3
Paloaltonetworks Pan-os 10.2.4
Paloaltonetworks Pan-os 10.2.1
Paloaltonetworks Pan-os 10.2.0
Paloaltonetworks Pan-os 10.2.9
Paloaltonetworks Pan-os 11.1.1
Paloaltonetworks Pan-os 11.0.2
Paloaltonetworks Pan-os 11.1.0
Paloaltonetworks Pan-os 11.1.2
Paloaltonetworks Pan-os 11.0.4
Paloaltonetworks Pan-os 11.0.3
Paloaltonetworks Pan-os 11.0.0
Paloaltonetworks Pan-os 11.0.1
Paloaltonetworks Pan-os 10.2.8
42 Github repositories
7 Articles
9.8
CVSSv3
CVE-2021-3064
A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based malicious user to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have ...
Paloaltonetworks Pan-os
1 Github repository
1 Article
6.1
CVSSv3
CVE-2018-10139
The PAN-OS response for GlobalProtect Gateway in Palo Alto Networks PAN-OS 6.1.21 and previous versions, PAN-OS 7.1.18 and previous versions, PAN-OS 8.0.11 and previous versions may allow an unauthenticated malicious user to inject arbitrary JavaScript or HTML. PAN-OS 8.1 is NOT ...
Paloaltonetworks Pan-os
6.1
CVSSv3
CVE-2017-9467
Cross-site scripting (XSS) vulnerability in the GlobalProtect external interface in Palo Alto Networks PAN-OS prior to 6.1.18, 7.x prior to 7.0.16, 7.1.x prior to 7.1.11, and 8.x prior to 8.0.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified v...
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 7.0.7
Paloaltonetworks Pan-os 7.0.9
Paloaltonetworks Pan-os 7.1.0
Paloaltonetworks Pan-os 7.1.2
Paloaltonetworks Pan-os 7.1.7
Paloaltonetworks Pan-os 7.1.9
Paloaltonetworks Pan-os 7.0.2
Paloaltonetworks Pan-os 7.0.3
Paloaltonetworks Pan-os 7.0.4
Paloaltonetworks Pan-os 7.0.5
Paloaltonetworks Pan-os 7.0.6
Paloaltonetworks Pan-os 7.1.3
Paloaltonetworks Pan-os 7.1.4
Paloaltonetworks Pan-os 7.1.4-h2
Paloaltonetworks Pan-os 7.1.6
Paloaltonetworks Pan-os 7.0.11
Paloaltonetworks Pan-os 7.0.12
Paloaltonetworks Pan-os 7.0.13
Paloaltonetworks Pan-os 7.0.14
Paloaltonetworks Pan-os 8.0.0
Paloaltonetworks Pan-os 8.0.1
6.1
CVSSv3
CVE-2017-15941
Cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS prior to 6.1.19, 7.0.x prior to 7.0.19, 7.1.x prior to 7.1.14, and 8.0.x prior to 8.0.7, when the GlobalProtect gateway or portal is configured, allows remote malicious users to inject arbitrary web script or H...
Paloaltonetworks Pan-os
6.1
CVSSv3
CVE-2017-12416
Cross-site scripting (XSS) vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS prior to 6.1.18, 7.0.x prior to 7.0.17, 7.1.x prior to 7.1.12, and 8.0.x prior to 8.0.3 allows remote malicious users to inject arbitrary web script ...
Paloaltonetworks Pan-os 8.0.1
Paloaltonetworks Pan-os 7.1.8
Paloaltonetworks Pan-os 7.1.0
Paloaltonetworks Pan-os 7.0.2
Paloaltonetworks Pan-os 7.0.4
Paloaltonetworks Pan-os 7.0.9
Paloaltonetworks Pan-os 7.0.11
Paloaltonetworks Pan-os 7.1.2
Paloaltonetworks Pan-os 7.1.3
Paloaltonetworks Pan-os 7.1.4
Paloaltonetworks Pan-os 7.0.0
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 7.1.11
Paloaltonetworks Pan-os 7.1.10
Paloaltonetworks Pan-os 7.1.9
Paloaltonetworks Pan-os 7.1.6
Paloaltonetworks Pan-os 7.0.5
Paloaltonetworks Pan-os 7.0.6
Paloaltonetworks Pan-os 7.0.7
Paloaltonetworks Pan-os 7.0.8
Paloaltonetworks Pan-os 8.0.0
Paloaltonetworks Pan-os 8.0.2
9.8
CVSSv3
CVE-2017-9458
XML external entity (XXE) vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS prior to 6.1.18, 7.0.x prior to 7.0.17, 7.1.x prior to 7.1.12, and 8.0.x prior to 8.0.3 allows remote malicious users to obtain sensitive information,...
Paloaltonetworks Pan-os 7.0.4
Paloaltonetworks Pan-os 7.0.5
Paloaltonetworks Pan-os 7.0.6
Paloaltonetworks Pan-os 7.0.7
Paloaltonetworks Pan-os 7.1.8
Paloaltonetworks Pan-os 7.1.9
Paloaltonetworks Pan-os 7.1.10
Paloaltonetworks Pan-os 7.1.11
Paloaltonetworks Pan-os 7.0.1
Paloaltonetworks Pan-os 7.0.3
Paloaltonetworks Pan-os 7.0.8
Paloaltonetworks Pan-os 7.0.10
Paloaltonetworks Pan-os 7.1.4
Paloaltonetworks Pan-os 7.1.6
Paloaltonetworks Pan-os 8.0.1
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 7.0.12
Paloaltonetworks Pan-os 7.1.0
Paloaltonetworks Pan-os 7.1.1
Paloaltonetworks Pan-os 7.1.2
Paloaltonetworks Pan-os 7.1.3
Paloaltonetworks Pan-os 7.0.0
6.5
CVSSv3
CVE-2021-3046
An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated malicious user to impersonate any other user in the GlobalProtect Portal and GlobalProtect Gateway when they are configured to use SAML authentication. This iss...
Paloaltonetworks Pan-os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »