Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
palo alto networks vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2022-0025
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This ...
Paloaltonetworks Cortex Xdr Agent
8.1
CVSSv3
CVE-2022-0030
An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions.
Paloaltonetworks Pan-os
8
CVSSv3
CVE-2019-1583
Escalation of privilege vulnerability in the Palo Alto Networks Twistlock console 19.07.358 and previous versions allows a Twistlock user with Operator capabilities to escalate privileges to that of another user. Active interaction with an affected component is required for the p...
Paloaltonetworks Twistlock
9.8
CVSSv3
CVE-2017-15940
The web interface packet capture management component in Palo Alto Networks PAN-OS prior to 6.1.19, 7.0.x prior to 7.0.19, 7.1.x prior to 7.1.14, and 8.0.x prior to 8.0.6 allows remote authenticated users to execute arbitrary code via unspecified vectors.
Paloaltonetworks Pan-os
5.4
CVSSv3
CVE-2018-9335
The PAN-OS session browser in PAN-OS 6.1.20 and previous versions, PAN-OS 7.1.16 and previous versions, PAN-OS 8.0.9 and previous versions, and PAN-OS 8.1.1 and previous versions may allow an malicious user to inject arbitrary JavaScript or HTML.
Paloaltonetworks Pan-os
9.8
CVSSv3
CVE-2019-1581
A remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS. This issue affects PAN-OS 7.1 versions before 7.1.24-h1, 7.1.25; 8....
Paloaltonetworks Pan-os
7.5
CVSSv3
CVE-2022-3996
If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy process...
Openssl Openssl
1 Github repository
5.3
CVSSv3
CVE-2023-38283
In OpenBGPD prior to 8.1, incorrect handling of BGP update data (length of path attributes) set by a potentially distant remote actor may cause the system to incorrectly reset a session. This is fixed in OpenBSD 7.3 errata 006.
Openbgpd Openbgpd
8.1
CVSSv3
CVE-2018-8715
The Embedthis HTTP library, and Appweb versions prior to 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types.
Embedthis Appweb
3 Github repositories
NA
CVE-2018-121265
PAN-SA-2019-0012 Information about Recent Intel Side Channel Vulnerabilities
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hard-coded
CVE-2024-27202
NULL pointer dereference
CVE-2024-28075
CVE-2024-33608
CVE-2024-28889
CVE-2024-34572
template injection
CVE-2024-34351
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »