Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pan-os vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-15943
The configuration file import for applications, spyware and vulnerability objects functionality in the web interface in Palo Alto Networks PAN-OS prior to 6.1.19, 7.0.x prior to 7.0.19, and 7.1.x prior to 7.1.14 allows remote malicious users to conduct server-side request forgery...
Paloaltonetworks Pan-os
4
CVSSv2
CVE-2018-10140
The PAN-OS Management Web Interface in Palo Alto Networks PAN-OS 8.1.2 and previous versions may allow an authenticated user to shut down all management sessions, resulting in all logged in users to be redirected to the login page. PAN-OS 6.1, PAN-OS 7.1 and PAN-OS 8.0 are NOT af...
Paloaltonetworks Pan-os
9
CVSSv2
CVE-2020-2014
An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions e...
Paloaltonetworks Pan-os
4.6
CVSSv2
CVE-2019-17437
An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser. This issue affects PAN-OS 7.1 versions before 7.1.25; 8.0 versions before 8.0.20; 8.1 versions before...
Paloaltonetworks Pan-os
4.3
CVSSv2
CVE-2019-1566
The PAN-OS management web interface in PAN-OS 7.1.21 and previous versions, PAN-OS 8.0.14 and previous versions, and PAN-OS 8.1.5 and previous versions, may allow an unauthenticated malicious user to inject arbitrary JavaScript or HTML.
Paloaltonetworks Pan-os
NA
CVE-2022-0028
A PAN-OS URL filtering policy misconfiguration could allow a network-based malicious user to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-S...
Paloaltonetworks Pan-os
1 Article
NA
CVE-2022-0030
An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions.
Paloaltonetworks Pan-os
4.3
CVSSv2
CVE-2017-7409
Palo Alto Networks PAN-OS prior to 7.0.15 has XSS in the GlobalProtect external interface via crafted request parameters, aka PAN-SA-2017-0011 and PAN-70674.
Paloaltonetworks Pan-os
6.5
CVSSv2
CVE-2019-1576
Command injection in PAN-0S 9.0.2 and previous versions may allow an authenticated malicious user to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s permissions.
Paloaltonetworks Pan-os
6.8
CVSSv2
CVE-2019-1579
Remote Code Execution in PAN-OS 7.1.18 and previous versions, PAN-OS 8.0.11-h1 and previous versions, and PAN-OS 8.1.2 and previous versions with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote malicious user to execute arbitrar...
Paloaltonetworks Pan-os
1 Github repository
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »