Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2020-1989
An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platform allows a local authenticated user to gain root privileges on the system. This issue affects Palo Alto Networks Global P...
Paloaltonetworks Globalprotect
1.9
CVSSv2
CVE-2019-1573
GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and previous versions for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and repl...
Paloaltonetworks Globalprotect
6.9
CVSSv2
CVE-2020-2032
A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges. This issue can be exploited only while performing a GlobalProtect app upgrade. This issue affects: GlobalProtect app 5.0 ...
Paloaltonetworks Globalprotect
4.3
CVSSv2
CVE-2019-1578
Cross-site scripting vulnerability in Palo Alto Networks MineMeld version 0.9.60 and previous versions may allow a remote attacker able to convince an authenticated MineMeld admin to type malicious input in the MineMeld UI could execute arbitrary JavaScript code in the admin&rsqu...
Paloaltonetworks Minemeld
4.9
CVSSv2
CVE-2021-3038
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProt...
Paloaltonetworks Globalprotect
7.2
CVSSv2
CVE-2017-15870
Palo Alto Networks GlobalProtect Agent prior to 4.0.3 allows attackers with administration rights on the local station to gain SYSTEM privileges via vectors involving "image path execution hijacking."
Paloaltonetworks Globalprotect
3.5
CVSSv2
CVE-2019-1570
The Expedition Migration tool 1.1.8 and previous versions may allow an authenticated malicious user to run arbitrary JavaScript or HTML in the LDAP server settings.
Paloaltonetworks Expedition
3.5
CVSSv2
CVE-2019-1571
The Expedition Migration tool 1.1.8 and previous versions may allow an authenticated malicious user to run arbitrary JavaScript or HTML in the RADIUS server settings.
Paloaltonetworks Expedition
3.6
CVSSv2
CVE-2022-0012
An improper link resolution before file access vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables a local user to delete arbitrary system files and impact the system integrity or cause a denial of service condition. This issue impact...
Paloaltonetworks Cortex Xdr Agent
2.1
CVSSv2
CVE-2022-0013
A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local malicious user to read the contents of arbitrary files on the system with elevated privileges when generating a support file. This issue impacts: Cortex XDR agent 5.0 ...
Paloaltonetworks Cortex Xdr Agent
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »