Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
palo alto networks vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3385
A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote malicious user to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online. ...
NA
CVE-2024-3386
An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally ...
NA
CVE-2024-3387
A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an malicious user to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient comput...
NA
CVE-2024-3388
A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated malicious user to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the malicious user to receive response pa...
6.1
CVSSv3
CVE-2018-10139
The PAN-OS response for GlobalProtect Gateway in Palo Alto Networks PAN-OS 6.1.21 and previous versions, PAN-OS 7.1.18 and previous versions, PAN-OS 8.0.11 and previous versions may allow an unauthenticated malicious user to inject arbitrary JavaScript or HTML. PAN-OS 8.1 is NOT ...
Paloaltonetworks Pan-os
4.3
CVSSv3
CVE-2018-10140
The PAN-OS Management Web Interface in Palo Alto Networks PAN-OS 8.1.2 and previous versions may allow an authenticated user to shut down all management sessions, resulting in all logged in users to be redirected to the login page. PAN-OS 6.1, PAN-OS 7.1 and PAN-OS 8.0 are NOT af...
Paloaltonetworks Pan-os
6.1
CVSSv3
CVE-2018-10141
GlobalProtect Portal Login page in Palo Alto Networks PAN-OS prior to 8.1.4 allows an unauthenticated malicious user to inject arbitrary JavaScript or HTML.
Paloaltonetworks Pan-os
7.5
CVSSv3
CVE-2018-10142
The Expedition Migration tool 1.0.106 and previous versions may allow an unauthenticated malicious user to enumerate files on the operating system.
Paloaltonetworks Expedition 1.0.106
4.3
CVSSv3
CVE-2021-3049
An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of. This issue impac...
Paloaltonetworks Cortex Xsoar 5.5.0
Paloaltonetworks Cortex Xsoar 6.1.0
8.8
CVSSv3
CVE-2021-3050
An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 9.0 version 9.0.10 through PAN-OS 9.0.14; PAN-OS 9.1 version 9.1.4 throu...
Paloaltonetworks Pan-os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »