Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks pan-os vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2020-2037
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0...
Paloaltonetworks Pan-os
9
CVSSv2
CVE-2020-2038
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0 versions earlier than 9.0.10; PAN-OS 9.1 versions earlier than 9.1.4; PAN-OS 10....
Paloaltonetworks Pan-os
1 Github repository
5
CVSSv2
CVE-2020-2039
An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. It is possible for an malicious use...
Paloaltonetworks Pan-os
10
CVSSv2
CVE-2020-2040
A buffer overflow vulnerability in PAN-OS allows an unauthenticated malicious user to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue imp...
Paloaltonetworks Pan-os
1 Article
9
CVSSv2
CVE-2020-2042
A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.
Paloaltonetworks Pan-os
4.3
CVSSv2
CVE-2017-15941
Cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS prior to 6.1.19, 7.0.x prior to 7.0.19, 7.1.x prior to 7.1.14, and 8.0.x prior to 8.0.7, when the GlobalProtect gateway or portal is configured, allows remote malicious users to inject arbitrary web script or H...
Paloaltonetworks Pan-os
5
CVSSv2
CVE-2017-15943
The configuration file import for applications, spyware and vulnerability objects functionality in the web interface in Palo Alto Networks PAN-OS prior to 6.1.19, 7.0.x prior to 7.0.19, and 7.1.x prior to 7.1.14 allows remote malicious users to conduct server-side request forgery...
Paloaltonetworks Pan-os
6.5
CVSSv2
CVE-2019-1582
Memory corruption in PAN-OS 8.1.9 and previous versions, and PAN-OS 9.0.3 and previous versions will allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session.
Paloaltonetworks Pan-os
NA
CVE-2023-6789
A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface. Then, when viewed by a properly authenticated administrator, the JavaScript payload e...
Paloaltonetworks Pan-os
NA
CVE-2023-6792
An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall.
Paloaltonetworks Pan-os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »