Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
palo alto networks vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2022-0015
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables an authenticated local user to execute programs with elevated privileges. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex ...
Paloaltonetworks Cortex Xdr Agent
NA
CVE-2023-36671
An issue exists in the Clario VPN client up to and including 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel even if this traffic is not genera...
Clario Vpn
1 Article
NA
CVE-2023-46324
pkg/suci/suci.go in free5GC udm prior to 1.2.0, when Go prior to 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. An attacker can send arbitrary SUCIs to the UDM, which tries to decrypt...
Free5gc Udm
4.3
CVSSv2
CVE-2021-3063
An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based malicious user to send specifically crafted traffic to a GlobalProtect interface that causes the ser...
Paloaltonetworks Pan-os
4.3
CVSSv2
CVE-2021-3046
An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated malicious user to impersonate any other user in the GlobalProtect Portal and GlobalProtect Gateway when they are configured to use SAML authentication. This iss...
Paloaltonetworks Pan-os
4
CVSSv2
CVE-2021-3049
An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of. This issue impac...
Paloaltonetworks Cortex Xsoar 5.5.0
Paloaltonetworks Cortex Xsoar 6.1.0
6.8
CVSSv2
CVE-2021-3051
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated network-based attacker with specific knowledge of the Cortex XSOAR instance to access protected resources and perform unauthorized actions ...
Paloaltonetworks Cortex Xsoar 5.5.0
Paloaltonetworks Cortex Xsoar 6.0.2
Paloaltonetworks Cortex Xsoar 6.1.0
Paloaltonetworks Cortex Xsoar 6.2.0
5
CVSSv2
CVE-2019-15714
cli/lib/main.js in Entropic prior to 2019-06-13 does not reject / and \ in command names, which might allow a directory traversal attack in unusual situations.
Entropic Project Entropic
4.3
CVSSv2
CVE-2016-20012
OpenSSH up to and including 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be va...
Openbsd Openssh
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
4 Github repositories
7.8
CVSSv2
CVE-2019-5599
In FreeBSD 12.0-STABLE before r349197 and 12.0-RELEASE prior to 12.0-RELEASE-p6, a bug in the non-default RACK TCP stack can allow an malicious user to cause several linked lists to grow unbounded and cause an expensive list traversal on every packet being processed, leading to r...
Freebsd Freebsd 12.0
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »