Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
palo alto networks vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2021-3051
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated network-based attacker with specific knowledge of the Cortex XSOAR instance to access protected resources and perform unauthorized actions ...
Paloaltonetworks Cortex Xsoar 5.5.0
Paloaltonetworks Cortex Xsoar 6.0.2
Paloaltonetworks Cortex Xsoar 6.1.0
Paloaltonetworks Cortex Xsoar 6.2.0
5.4
CVSSv3
CVE-2021-3052
A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Network PAN-OS web interface enables an authenticated network-based malicious user to mislead another authenticated PAN-OS administrator to click on a specially crafted link that performs arbitrary actions in t...
Paloaltonetworks Pan-os
7.5
CVSSv3
CVE-2021-3053
An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based malicious user to send specifically crafted traffic through the firewall that causes the service to crash. Repeated attempt...
Paloaltonetworks Pan-os
6.6
CVSSv3
CVE-2021-3054
A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. This issue impacts: PAN-OS 8.1 version...
Paloaltonetworks Pan-os
8.1
CVSSv3
CVE-2021-3057
A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle malicious user to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 vers...
Paloaltonetworks Globalprotect
Paloaltonetworks Globalprotect 5.0
8.1
CVSSv3
CVE-2021-3060
An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The at...
Paloaltonetworks Prisma Access 2.1
Paloaltonetworks Pan-os
2 Github repositories
5.4
CVSSv3
CVE-2019-1565
The PAN-OS external dynamics lists in PAN-OS 7.1.21 and previous versions, PAN-OS 8.0.14 and previous versions, and PAN-OS 8.1.5 and previous versions, may allow an attacker that is authenticated in Next Generation Firewall with write privileges to External Dynamic List configura...
Paloaltonetworks Pan-os
6.1
CVSSv3
CVE-2019-1566
The PAN-OS management web interface in PAN-OS 7.1.21 and previous versions, PAN-OS 8.0.14 and previous versions, and PAN-OS 8.1.5 and previous versions, may allow an unauthenticated malicious user to inject arbitrary JavaScript or HTML.
Paloaltonetworks Pan-os
4.8
CVSSv3
CVE-2019-1569
The Expedition Migration tool 1.1.8 and previous versions may allow an authenticated malicious user to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user.
Paloaltonetworks Expedition
4.8
CVSSv3
CVE-2019-1570
The Expedition Migration tool 1.1.8 and previous versions may allow an authenticated malicious user to run arbitrary JavaScript or HTML in the LDAP server settings.
Paloaltonetworks Expedition
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »