Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
palo alto networks vulnerabilities and exploits
(subscribe to this query)
1.9
CVSSv2
CVE-2022-0019
An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other local users on the system. Th...
Paloaltonetworks Globalprotect
7.2
CVSSv2
CVE-2022-0026
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This ...
Paloaltonetworks Cortex Xdr Agent 6.1
Paloaltonetworks Cortex Xdr Agent 6.1.4
Paloaltonetworks Cortex Xdr Agent 6.1.5
Paloaltonetworks Cortex Xdr Agent 6.1.6
Paloaltonetworks Cortex Xdr Agent 6.1.7
Paloaltonetworks Cortex Xdr Agent 6.1.8
Paloaltonetworks Cortex Xdr Agent 6.1.9
Paloaltonetworks Cortex Xdr Agent 7.4.4
Paloaltonetworks Cortex Xdr Agent 7.4.3
Paloaltonetworks Cortex Xdr Agent 7.4.2
Paloaltonetworks Cortex Xdr Agent 7.4.1
Paloaltonetworks Cortex Xdr Agent 7.5.1
Paloaltonetworks Cortex Xdr Agent 7.5.2
Paloaltonetworks Cortex Xdr Agent 7.5.3
Paloaltonetworks Cortex Xdr Agent 7.6.1
Paloaltonetworks Cortex Xdr Agent 7.6.2
Paloaltonetworks Cortex Xdr Agent 7.7
Paloaltonetworks Cortex Xdr Agent 7.7.1
Paloaltonetworks Cortex Xdr Agent 7.5
4
CVSSv2
CVE-2022-0011
PAN-OS software provides options to exclude specific websites from URL category enforcement and those websites are blocked or allowed (depending on your rules) regardless of their associated URL category. This is done by creating a custom URL category list or by using an external...
Paloaltonetworks Pan-os
Paloaltonetworks Prisma Access 2.1
Paloaltonetworks Prisma Access 2.2
3.6
CVSSv2
CVE-2022-0012
An improper link resolution before file access vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables a local user to delete arbitrary system files and impact the system integrity or cause a denial of service condition. This issue impact...
Paloaltonetworks Cortex Xdr Agent
6.9
CVSSv2
CVE-2022-0014
An untrusted search path vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker with file creation privilege in the Windows root directory (such as C:\) to store a program that can then be unintentionally executed by another local user when ...
Paloaltonetworks Cortex Xdr Agent
4.6
CVSSv2
CVE-2022-0015
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables an authenticated local user to execute programs with elevated privileges. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex ...
Paloaltonetworks Cortex Xdr Agent
6.9
CVSSv2
CVE-2022-0016
An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app that enables a local malicious user to escalate to SYSTEM or root privileges when authenticating with Connect Before Logon under...
Paloaltonetworks Globalprotect
6.9
CVSSv2
CVE-2022-0017
An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a local malicious user to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges un...
Paloaltonetworks Globalprotect
2.6
CVSSv2
CVE-2022-0018
An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the local user account are sent to the GlobalProtect portal when the Single Sign-On feature is enabled in the GlobalProtect portal configuration....
Paloaltonetworks Globalprotect
4.3
CVSSv2
CVE-2022-0023
An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of Palo Alto Networks PAN-OS software that enables a meddler-in-the-middle (MITM) to send specifically crafted traffic to the firewall that causes the service to restart unexpectedly. Rep...
Paloaltonetworks Pan-os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »