Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pan-os vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2018-9242
The PAN-OS management web interface page in PAN-OS 6.1.20 and previous versions, PAN-OS 7.1.16 and previous versions, PAN-OS 8.0.9 and previous versions may allow an malicious user to delete files in the system via specific request parameters.
Paloaltonetworks Pan-os
6.5
CVSSv3
CVE-2016-9149
The Addresses Object parser in Palo Alto Networks PAN-OS prior to 5.0.20, 5.1.x prior to 5.1.13, 6.0.x prior to 6.0.15, 6.1.x prior to 6.1.15, 7.0.x prior to 7.0.11, and 7.1.x prior to 7.1.6 mishandles single quote characters, which allows remote authenticated users to conduct XP...
Paloaltonetworks Pan-os
6.1
CVSSv3
CVE-2017-15941
Cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS prior to 6.1.19, 7.0.x prior to 7.0.19, 7.1.x prior to 7.1.14, and 8.0.x prior to 8.0.7, when the GlobalProtect gateway or portal is configured, allows remote malicious users to inject arbitrary web script or H...
Paloaltonetworks Pan-os
9.8
CVSSv3
CVE-2017-15944
Palo Alto Networks PAN-OS prior to 6.1.19, 7.0.x prior to 7.0.19, 7.1.x prior to 7.1.14, and 8.0.x prior to 8.0.6 allows remote malicious users to execute arbitrary code via vectors involving the management interface.
Paloaltonetworks Pan-os
2 EDB exploits
3 Github repositories
6.1
CVSSv3
CVE-2018-10141
GlobalProtect Portal Login page in Palo Alto Networks PAN-OS prior to 8.1.4 allows an unauthenticated malicious user to inject arbitrary JavaScript or HTML.
Paloaltonetworks Pan-os
8.8
CVSSv3
CVE-2020-1975
Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 version...
Paloaltonetworks Pan-os
7.8
CVSSv3
CVE-2020-1979
A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges...
Paloaltonetworks Pan-os
7.8
CVSSv3
CVE-2020-1980
A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later ...
Paloaltonetworks Pan-os
7.8
CVSSv3
CVE-2020-1981
A predictable temporary filename vulnerability in PAN-OS allows local privilege escalation. This issue allows a local attacker who bypassed the restricted shell to execute commands as a low privileged user and gain root access on the PAN-OS hardware or virtual appliance. This iss...
Paloaltonetworks Pan-os
5.4
CVSSv3
CVE-2020-1993
The GlobalProtect Portal feature in PAN-OS does not set a new session identifier after a successful user login, which allows session fixation attacks, if an attacker is able to control a user's session ID. This issue affects: All PAN-OS 7.1 and 8.0 versions; PAN-OS 8.1 versi...
Paloaltonetworks Pan-os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »