Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pan-os vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-7218
The Management Web Interface in Palo Alto Networks PAN-OS prior to 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters.
Paloaltonetworks Pan-os
7.8
CVSSv3
CVE-2015-6531
Palo Alto Networks Panorama VM Appliance with PAN-OS prior to 6.0.1 might allow remote malicious users to execute arbitrary Python code via a crafted firmware image file.
Paloaltonetworks Pan-os
7.8
CVSSv3
CVE-2020-1980
A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later ...
Paloaltonetworks Pan-os
7.8
CVSSv3
CVE-2020-1981
A predictable temporary filename vulnerability in PAN-OS allows local privilege escalation. This issue allows a local attacker who bypassed the restricted shell to execute commands as a low privileged user and gain root access on the PAN-OS hardware or virtual appliance. This iss...
Paloaltonetworks Pan-os
4.8
CVSSv3
CVE-2020-1982
Certain communication between PAN-OS and cloud-delivered services inadvertently use TLS 1.0, which is known to be a cryptographically weak protocol. These cloud services include Cortex Data Lake, the Customer Support Portal, and the Prisma Access infrastructure. Conditions requir...
Paloaltonetworks Pan-os
7.2
CVSSv3
CVE-2020-1990
A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 8.1 versions prior to 8...
Paloaltonetworks Pan-os
4.4
CVSSv3
CVE-2020-1994
A predictable temporary file vulnerability in PAN-OS allows a local authenticated user with shell access to corrupt arbitrary system files affecting the integrity of the system. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.13; PAN-O...
Paloaltonetworks Pan-os
6.1
CVSSv3
CVE-2020-1997
An open redirection vulnerability in the GlobalProtect component of Palo Alto Networks PAN-OS allows an malicious user to specify an arbitrary redirection target away from the trusted GlobalProtect gateway. If the user then successfully authenticates it will cause them to access ...
Paloaltonetworks Pan-os
5.5
CVSSv3
CVE-2018-9242
The PAN-OS management web interface page in PAN-OS 6.1.20 and previous versions, PAN-OS 7.1.16 and previous versions, PAN-OS 8.0.9 and previous versions may allow an malicious user to delete files in the system via specific request parameters.
Paloaltonetworks Pan-os
9.8
CVSSv3
CVE-2019-17440
Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. This issue affects PAN-OS 9.0 versions before 9.0....
Paloaltonetworks Pan-os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »