Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (326 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-8690 2 Microsoft, Paloaltonetworks 2 Windows, Cortex Xdr Agent 2024-10-15 4.4 Medium
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity.
CVE-2024-8686 1 Paloaltonetworks 3 Cloud Ngfw, Pan-os, Prisma Access 2024-10-03 7.2 High
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall.
CVE-2024-8687 1 Paloaltonetworks 3 Globalprotect, Pan-os, Prisma Access 2024-10-03 7.1 High
An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so.
CVE-2024-8688 1 Paloaltonetworks 1 Pan-os 2024-10-03 4.4 Medium
An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) with access to the CLI to to read arbitrary files on the firewall.
CVE-2024-5915 1 Paloaltonetworks 1 Globalprotect 2024-08-20 7.8 High
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges.
CVE-2024-5914 1 Paloaltonetworks 1 Cortex Xsoar Commonscripts 2024-08-20 9.8 Critical
A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an unauthenticated attacker to execute arbitrary commands within the context of an integration container.