Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-38046
A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system.
Paloaltonetworks Pan-os 11.0.0
Paloaltonetworks Pan-os
2.1
CVSSv2
CVE-2018-9334
The PAN-OS management web interface page in PAN-OS 6.1.20 and previous versions, PAN-OS 7.1.16 and previous versions, PAN-OS 8.0.8 and previous versions, and PAN-OS 8.1.0 may allow an malicious user to access the GlobalProtect password hashes of local users via manipulation of th...
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 8.1.0
1 Github repository
NA
CVE-2023-6790
A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote malicious user to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 11.0.0
NA
CVE-2023-6791
A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface.
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 11.0.0
6.5
CVSSv2
CVE-2019-1575
Information disclosure in PAN-OS 7.1.23 and previous versions, PAN-OS 8.0.18 and previous versions, PAN-OS 8.1.8-h4 and previous versions, and PAN-OS 9.0.2 and previous versions may allow for an authenticated user with read-only privileges to extract the API key of the device and...
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 8.1.8
8.5
CVSSv2
CVE-2021-3056
A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated malicious user to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; ...
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 10.0.0
9
CVSSv2
CVE-2021-3061
An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8...
Paloaltonetworks Prisma Access 2.1
Paloaltonetworks Pan-os
9.3
CVSSv2
CVE-2021-3060
An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The at...
Paloaltonetworks Prisma Access 2.1
Paloaltonetworks Pan-os
2 Github repositories
NA
CVE-2023-0003
A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server.
Paloaltonetworks Cortex Xsoar 6.8.0
Paloaltonetworks Cortex Xsoar 6.6.0
Paloaltonetworks Cortex Xsoar
Paloaltonetworks Cortex Xsoar 6.9.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
1 Github repository
3.5
CVSSv2
CVE-2022-0020
A stored cross-site scripting (XSS) vulnerability in Palo Alto Network Cortex XSOAR web interface enables an authenticated network-based malicious user to store a persistent javascript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of auth...
Paloaltonetworks Cortex Xsoar 6.2.0
Paloaltonetworks Cortex Xsoar 6.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »