Filtered by vendor Paloaltonetworks
Subscriptions
Filtered by product Pan-os
Subscriptions
Total
170 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-7217 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-05 | N/A |
| The Management Web Interface in Palo Alto Networks PAN-OS before 7.0.14 and 7.1.x before 7.1.9 allows remote attackers to write to export files via unspecified parameters. | ||||
| CVE-2017-7216 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-05 | N/A |
| The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to obtain sensitive information via unspecified request parameters. | ||||
| CVE-2017-5584 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-05 | N/A |
| Cross-site scripting (XSS) vulnerability in the Management Web Interface in Palo Alto Networks PAN-OS 5.1, 6.x before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2017-5583 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-05 | N/A |
| The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated users to read arbitrary files via unspecified vectors. | ||||
| CVE-2018-18065 | 5 Canonical, Debian, Net-snmp and 2 more | 10 Ubuntu Linux, Debian Linux, Net-snmp and 7 more | 2024-08-05 | N/A |
| _set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. | ||||
| CVE-2018-9337 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-05 | N/A |
| The PAN-OS web interface administration page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.17 and earlier, PAN-OS 8.0.10 and earlier, and PAN-OS 8.1.1 and earlier may allow an attacker to inject arbitrary JavaScript or HTML. | ||||
| CVE-2018-9335 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-05 | N/A |
| The PAN-OS session browser in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier, and PAN-OS 8.1.1 and earlier may allow an attacker to inject arbitrary JavaScript or HTML. | ||||
| CVE-2018-9242 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-05 | N/A |
| The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier may allow an attacker to delete files in the system via specific request parameters. | ||||
| CVE-2018-9334 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-05 | N/A |
| The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.8 and earlier, and PAN-OS 8.1.0 may allow an attacker to access the GlobalProtect password hashes of local users via manipulation of the HTML markup. | ||||
| CVE-2018-7636 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-05 | N/A |
| The URL filtering "continue page" hosted by PAN-OS 8.0.10 and earlier may allow an attacker to inject arbitrary JavaScript or HTML via specially crafted URLs. | ||||
| CVE-2019-1580 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-04 | N/A |
| Memory corruption in PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will allow a remote, unauthenticated user to craft a message to Secure Shell Daemon (SSHD) and corrupt arbitrary memory. | ||||
| CVE-2019-1575 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-04 | 8.8 High |
| Information disclosure in PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier may allow for an authenticated user with read-only privileges to extract the API key of the device and/or the username/password from the XML API (in PAN-OS) and possibly escalate privileges granted to them. | ||||
| CVE-2019-1582 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-04 | N/A |
| Memory corruption in PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session. | ||||
| CVE-2019-1579 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-04 | 8.1 High |
| Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code. | ||||
| CVE-2019-1572 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-04 | N/A |
| PAN-OS 9.0.0 may allow an unauthenticated remote user to access php files. | ||||
| CVE-2019-1576 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-04 | 8.8 High |
| Command injection in PAN-0S 9.0.2 and earlier may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s permissions. | ||||
| CVE-2023-38046 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-02 | 5.5 Medium |
| A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system. | ||||
| CVE-2023-6795 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-02 | 5.5 Medium |
| An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall. | ||||
| CVE-2023-6792 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-02 | 5.5 Medium |
| An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall. | ||||
| CVE-2023-6790 | 1 Paloaltonetworks | 1 Pan-os | 2024-08-02 | 8.8 High |
| A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface. | ||||