Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pan-os vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2020-2010
An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions e...
Paloaltonetworks Pan-os
5
CVSSv2
CVE-2020-2012
Improper restriction of XML external entity reference ('XXE') vulnerability in Palo Alto Networks Panorama management service allows remote unauthenticated attackers with network access to the Panorama management interface to read arbitrary files on the system. This iss...
Paloaltonetworks Pan-os
4.3
CVSSv2
CVE-2021-3046
An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated malicious user to impersonate any other user in the GlobalProtect Portal and GlobalProtect Gateway when they are configured to use SAML authentication. This iss...
Paloaltonetworks Pan-os
9
CVSSv2
CVE-2020-2042
A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.
Paloaltonetworks Pan-os
4
CVSSv2
CVE-2020-2044
An information exposure through log file vulnerability where an administrator's password or other sensitive information may be logged in cleartext while using the CLI in Palo Alto Networks PAN-OS software. The opcmdhistory.log file was introduced to track operational command...
Paloaltonetworks Pan-os
9.3
CVSSv2
CVE-2020-1992
A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote malicious users to crash the daemon creating a denial of service condition or potentially execute code with root privileges. This issue affects P...
Paloaltonetworks Pan-os
4.3
CVSSv2
CVE-2022-0023
An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of Palo Alto Networks PAN-OS software that enables a meddler-in-the-middle (MITM) to send specifically crafted traffic to the firewall that causes the service to restart unexpectedly. Rep...
Paloaltonetworks Pan-os
NA
CVE-2022-0030
An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions.
Paloaltonetworks Pan-os
4.3
CVSSv2
CVE-2019-1566
The PAN-OS management web interface in PAN-OS 7.1.21 and previous versions, PAN-OS 8.0.14 and previous versions, and PAN-OS 8.1.5 and previous versions, may allow an unauthenticated malicious user to inject arbitrary JavaScript or HTML.
Paloaltonetworks Pan-os
6.5
CVSSv2
CVE-2020-1975
Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 version...
Paloaltonetworks Pan-os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »