Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks vulnerabilities and exploits
(subscribe to this query)
5.1
CVSSv3
CVE-2021-3034
An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged ...
Paloaltonetworks Cortex Xsoar 5.5.0
Paloaltonetworks Cortex Xsoar 6.0.1
Paloaltonetworks Cortex Xsoar 6.0.2
Paloaltonetworks Cortex Xsoar 6.1.0
1 Github repository
NA
CVE-2012-6606
Palo Alto Networks GlobalProtect prior to 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof portal servers and obtain sensitive information via a crafted certificate.
Paloaltonetworks Netconnect -
Paloaltonetworks Globalprotect
1 Github repository
6.5
CVSSv3
CVE-2022-0011
PAN-OS software provides options to exclude specific websites from URL category enforcement and those websites are blocked or allowed (depending on your rules) regardless of their associated URL category. This is done by creating a custom URL category list or by using an external...
Paloaltonetworks Pan-os
Paloaltonetworks Prisma Access 2.1
Paloaltonetworks Prisma Access 2.2
5.5
CVSSv3
CVE-2023-3280
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent.
Paloaltonetworks Cortex Xdr Agent
Paloaltonetworks Cortex Xdr Agent 7.5.102
6.3
CVSSv3
CVE-2023-0006
A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race condition.
Paloaltonetworks Globalprotect 6.1.0
Paloaltonetworks Globalprotect
7.8
CVSSv3
CVE-2023-0009
A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges.
Paloaltonetworks Globalprotect 6.1.0
Paloaltonetworks Globalprotect
8.1
CVSSv3
CVE-2021-3057
A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle malicious user to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 vers...
Paloaltonetworks Globalprotect
Paloaltonetworks Globalprotect 5.0
5.3
CVSSv3
CVE-2017-6356
Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 prior to 8.0.1 uses weak permissions for unspecified resources, which allows malicious users to obtain sensitive session information via unknown vectors.
Paloaltonetworks Terminal Services Agent 6.0
Paloaltonetworks Terminal Services Agent 7.0
Paloaltonetworks Terminal Services Agent 8.0
4.4
CVSSv3
CVE-2023-0008
A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 11.0.0
4.4
CVSSv3
CVE-2020-1978
TechSupport files generated on Palo Alto Networks VM Series firewalls for Microsoft Azure platform configured with high availability (HA) inadvertently collect Azure dashboard service account credentials. These credentials are equivalent to the credentials associated with the Con...
Paloaltonetworks Vm-series
Paloaltonetworks Pan-os 9.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »