Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pan-os vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2021-3045
An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.19; PAN-OS 9.0 versions earlier th...
Paloaltonetworks Pan-os
409
VMScore
CVE-2019-17437
An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser. This issue affects PAN-OS 7.1 versions before 7.1.25; 8.0 versions before 8.0.20; 8.1 versions before...
Paloaltonetworks Pan-os
383
VMScore
CVE-2017-16878
Cross-site scripting (XSS) vulnerability in the Captive Portal function in Palo Alto Networks PAN-OS prior to 8.0.7 allows remote malicious users to inject arbitrary web script or HTML by leveraging an unspecified configuration.
Paloaltonetworks Pan-os
187
VMScore
CVE-2021-3037
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where the connection details for a scheduled configuration export are logged in system logs. Logged information includes the cleartext username, password, and IP address used to ex...
Paloaltonetworks Pan-os
761
VMScore
CVE-2017-15944
Palo Alto Networks PAN-OS prior to 6.1.19, 7.0.x prior to 7.0.19, 7.1.x prior to 7.1.14, and 8.0.x prior to 8.0.6 allows remote malicious users to execute arbitrary code via vectors involving the management interface.
Paloaltonetworks Pan-os
2 EDB exploits
3 Github repositories
NA
CVE-2023-6793
An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API usage.
Paloaltonetworks Pan-os
NA
CVE-2023-6794
An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall.
Paloaltonetworks Pan-os
NA
CVE-2023-6795
An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall.
Paloaltonetworks Pan-os
383
VMScore
CVE-2019-1566
The PAN-OS management web interface in PAN-OS 7.1.21 and previous versions, PAN-OS 8.0.14 and previous versions, and PAN-OS 8.1.5 and previous versions, may allow an unauthenticated malicious user to inject arbitrary JavaScript or HTML.
Paloaltonetworks Pan-os
578
VMScore
CVE-2019-1576
Command injection in PAN-0S 9.0.2 and previous versions may allow an authenticated malicious user to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s permissions.
Paloaltonetworks Pan-os
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »