Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pan-os vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2020-2007
An OS command injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary commands with root privileges. This issue affects: All PAN-OS 7.1 versions; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 version...
Paloaltonetworks Pan-os
7.2
CVSSv3
CVE-2020-2008
An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system files and impact the system's integrity or cause a denial of service condit...
Paloaltonetworks Pan-os
7.5
CVSSv3
CVE-2020-2011
An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. Repeated attempt...
Paloaltonetworks Pan-os
8.8
CVSSv3
CVE-2020-2014
An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions e...
Paloaltonetworks Pan-os
7
CVSSv3
CVE-2020-2016
A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited linux user account. This allows an attacker who has escaped the restricted shell as a low privilege administrator, possibly by ...
Paloaltonetworks Pan-os
9
CVSSv3
CVE-2020-2018
An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's management interface to gain privileged access to managed firewalls. An attacker requires some knowledge of managed firewalls to exploit th...
Paloaltonetworks Pan-os
5.4
CVSSv3
CVE-2018-9335
The PAN-OS session browser in PAN-OS 6.1.20 and previous versions, PAN-OS 7.1.16 and previous versions, PAN-OS 8.0.9 and previous versions, and PAN-OS 8.1.1 and previous versions may allow an malicious user to inject arbitrary JavaScript or HTML.
Paloaltonetworks Pan-os
5.4
CVSSv3
CVE-2018-9337
The PAN-OS web interface administration page in PAN-OS 6.1.20 and previous versions, PAN-OS 7.1.17 and previous versions, PAN-OS 8.0.10 and previous versions, and PAN-OS 8.1.1 and previous versions may allow an malicious user to inject arbitrary JavaScript or HTML.
Paloaltonetworks Pan-os
4.4
CVSSv3
CVE-2022-0022
Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal (non-...
Paloaltonetworks Pan-os
5.9
CVSSv3
CVE-2022-0023
An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of Palo Alto Networks PAN-OS software that enables a meddler-in-the-middle (MITM) to send specifically crafted traffic to the firewall that causes the service to restart unexpectedly. Rep...
Paloaltonetworks Pan-os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »