Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks globalprotect vulnerabilities and exploits
(subscribe to this query)
6.3
CVSSv3
CVE-2023-0006
A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race condition.
Paloaltonetworks Globalprotect 6.1.0
Paloaltonetworks Globalprotect
7.8
CVSSv3
CVE-2023-0009
A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges.
Paloaltonetworks Globalprotect 6.1.0
Paloaltonetworks Globalprotect
8.1
CVSSv3
CVE-2021-3057
A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle malicious user to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 vers...
Paloaltonetworks Globalprotect
Paloaltonetworks Globalprotect 5.0
NA
CVE-2012-6606
Palo Alto Networks GlobalProtect prior to 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof portal servers and obtain sensitive information via a crafted certificate.
Paloaltonetworks Netconnect -
Paloaltonetworks Globalprotect
1 Github repository
5.5
CVSSv3
CVE-2021-3038
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProt...
Paloaltonetworks Globalprotect
7.8
CVSSv3
CVE-2022-0016
An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app that enables a local malicious user to escalate to SYSTEM or root privileges when authenticating with Connect Before Logon under...
Paloaltonetworks Globalprotect
5.5
CVSSv3
CVE-2022-0021
An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the cleartext credentials of the connecting GlobalProtect user when authenticating using Connect Before Logon feature. This issue impacts GlobalProtect A...
Paloaltonetworks Globalprotect
6.5
CVSSv3
CVE-2022-0018
An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the local user account are sent to the GlobalProtect portal when the Single Sign-On feature is enabled in the GlobalProtect portal configuration....
Paloaltonetworks Globalprotect
5.5
CVSSv3
CVE-2022-0019
An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other local users on the system. Th...
Paloaltonetworks Globalprotect
2.5
CVSSv3
CVE-2019-1573
GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and previous versions for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and repl...
Paloaltonetworks Globalprotect
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
log injection
CVE-2024-37079
type confusion
CVE-2024-32943
CVE-2024-30103
CVE-2024-37350
arbitrary code
CVE-2024-6189
CVE-2024-6225
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »