Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
palo alto networks vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2020-2038
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0 versions earlier than 9.0.10; PAN-OS 9.1 versions earlier than 9.1.4; PAN-OS 10....
Paloaltonetworks Pan-os
1 Github repository
10
CVSSv2
CVE-2018-10143
The Palo Alto Networks Expedition Migration tool 1.0.107 and previous versions may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application.
Paloaltonetworks Expedition 1.0.107
7.5
CVSSv2
CVE-2017-9120
PHP 7.x up to and including 7.1.5 allows remote malicious users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.
Php Php
Netapp Storage Automation Store -
7.5
CVSSv2
CVE-2017-8923
The zend_string_extend function in Zend/zend_string.h in PHP up to and including 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified ot...
Php Php
3.5
CVSSv2
CVE-2022-0020
A stored cross-site scripting (XSS) vulnerability in Palo Alto Network Cortex XSOAR web interface enables an authenticated network-based malicious user to store a persistent javascript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of auth...
Paloaltonetworks Cortex Xsoar 6.2.0
Paloaltonetworks Cortex Xsoar 6.1.0
9.3
CVSSv2
CVE-2020-2034
An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based malicious user to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be ...
Paloaltonetworks Pan-os
2 Github repositories
1 Article
9.3
CVSSv2
CVE-2020-2021
When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based malicious...
Paloaltonetworks Pan-os
3 Github repositories
1 Article
10
CVSSv2
CVE-2021-3064
A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based malicious user to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have ...
Paloaltonetworks Pan-os
1 Github repository
1 Article
NA
CVE-2022-45198
Pillow prior to 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).
Python Pillow
NA
CVE-2022-45199
Pillow prior to 9.3.0 allows denial of service via SAMPLESPERPIXEL.
Python Pillow
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »