Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks pan-os vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-15942
Palo Alto Networks PAN-OS prior to 6.1.19, 7.0.x prior to 7.0.19, 7.1.x prior to 7.1.13, and 8.0.x prior to 8.0.6 allows remote malicious users to cause a denial of service via vectors related to the management interface.
Paloaltonetworks Pan-os
5.3
CVSSv3
CVE-2017-15943
The configuration file import for applications, spyware and vulnerability objects functionality in the web interface in Palo Alto Networks PAN-OS prior to 6.1.19, 7.0.x prior to 7.0.19, and 7.1.x prior to 7.1.14 allows remote malicious users to conduct server-side request forgery...
Paloaltonetworks Pan-os
7.2
CVSSv3
CVE-2016-3654
The device management command line interface (CLI) in Palo Alto Networks PAN-OS prior to 5.0.18, 5.1.x prior to 5.1.11, 6.0.x prior to 6.0.13, 6.1.x prior to 6.1.10, and 7.0.x prior to 7.0.5H2 allows remote authenticated administrators to execute arbitrary OS commands via an SSH ...
Paloaltonetworks Pan-os
9.8
CVSSv3
CVE-2016-3655
The management web interface in Palo Alto Networks PAN-OS prior to 5.0.18, 6.0.x prior to 6.0.13, 6.1.x prior to 6.1.10, and 7.0.x prior to 7.0.5 allows remote malicious users to execute arbitrary OS commands via an unspecified API call.
Paloaltonetworks Pan-os
7.5
CVSSv3
CVE-2016-3656
The GlobalProtect Portal in Palo Alto Networks PAN-OS prior to 5.0.18, 6.0.x prior to 6.0.13, 6.1.x prior to 6.1.10, and 7.0.x prior to 7.0.5H2 allows remote malicious users to cause a denial of service (service crash) via a crafted request.
Paloaltonetworks Pan-os
9.8
CVSSv3
CVE-2016-3657
Buffer overflow in the GlobalProtect Portal in Palo Alto Networks PAN-OS prior to 5.0.18, 6.0.x prior to 6.0.13, 6.1.x prior to 6.1.10, and 7.0.x prior to 7.0.5 allows remote malicious users to cause a denial of service (device crash) or possibly execute arbitrary code via an SSL...
Paloaltonetworks Pan-os
5.4
CVSSv3
CVE-2018-9335
The PAN-OS session browser in PAN-OS 6.1.20 and previous versions, PAN-OS 7.1.16 and previous versions, PAN-OS 8.0.9 and previous versions, and PAN-OS 8.1.1 and previous versions may allow an malicious user to inject arbitrary JavaScript or HTML.
Paloaltonetworks Pan-os
5.4
CVSSv3
CVE-2018-9337
The PAN-OS web interface administration page in PAN-OS 6.1.20 and previous versions, PAN-OS 7.1.17 and previous versions, PAN-OS 8.0.10 and previous versions, and PAN-OS 8.1.1 and previous versions may allow an malicious user to inject arbitrary JavaScript or HTML.
Paloaltonetworks Pan-os
9.8
CVSSv3
CVE-2019-17440
Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. This issue affects PAN-OS 9.0 versions before 9.0....
Paloaltonetworks Pan-os
8.8
CVSSv3
CVE-2020-1975
Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 version...
Paloaltonetworks Pan-os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »