Filtered by vendor Paloaltonetworks
Subscriptions
Filtered by product Pan-os
Subscriptions
Total
184 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-0008 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-02 | 4.4 Medium |
| A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition. | ||||
| CVE-2023-0010 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-02 | 5.4 Medium |
| A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software can allow a JavaScript payload to be executed in the context of an authenticated Captive Portal user’s browser when they click on a specifically crafted link. | ||||
| CVE-2023-0004 | 2 Fedoraproject, Paloaltonetworks | 2 Fedora, Pan-os | 2024-08-02 | 6.5 Medium |
| A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the integrity and availability of PAN-OS software. | ||||
| CVE-2024-3400 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-01 | 10 Critical |
| A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. | ||||