Filtered by vendor Paloaltonetworks
Subscribe
Total
258 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-3657 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in the GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to cause a denial of service (device crash) or possibly execute arbitrary code via an SSL VPN request. | |||||
| CVE-2016-3656 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote attackers to cause a denial of service (service crash) via a crafted request. | |||||
| CVE-2016-3655 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The management web interface in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to execute arbitrary OS commands via an unspecified API call. | |||||
| CVE-2016-3654 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| The device management command line interface (CLI) in Palo Alto Networks PAN-OS before 5.0.18, 5.1.x before 5.1.11, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote authenticated administrators to execute arbitrary OS commands via an SSH command parameter. | |||||
| CVE-2016-2219 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the management interface in Palo Alto Networks PAN-OS 7.x before 7.0.8 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2016-1712 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Palo Alto Networks PAN-OS before 5.0.19, 5.1.x before 5.1.12, 6.0.x before 6.0.14, 6.1.x before 6.1.12, and 7.0.x before 7.0.8 might allow local users to gain privileges by leveraging improper sanitization of the root_reboot local invocation. | |||||
| CVE-2015-6531 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Palo Alto Networks Panorama VM Appliance with PAN-OS before 6.0.1 might allow remote attackers to execute arbitrary Python code via a crafted firmware image file. | |||||
| CVE-2015-4162 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 4.0 MEDIUM | N/A |
| XML external entity (XXE) vulnerability in the management interface in PAN-OS before 5.0.16, 6.x before 6.0.8, and 6.1.x before 6.1.4 allows remote authenticated administrators to obtain sensitive information via crafted XML data. | |||||
| CVE-2014-3764 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web-based device management interface in Palo Alto Networks PAN-OS before 5.0.15, 5.1.x before 5.1.10, and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Ref ID 64563. | |||||
| CVE-2013-5664 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web-based device-management API browser in Palo Alto Networks PAN-OS before 4.1.13 and 5.0.x before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via crafted data, aka Ref ID 50908. | |||||
| CVE-2013-5663 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 4.3 MEDIUM | N/A |
| The App-ID cache feature in Palo Alto Networks PAN-OS before 4.0.14, 4.1.x before 4.1.11, and 5.0.x before 5.0.2 allows remote attackers to bypass intended security policies via crafted requests that trigger invalid caching, as demonstrated by incorrect identification of HTTP traffic as SIP traffic, aka Ref ID 47195. | |||||
| CVE-2012-6606 | 1 Paloaltonetworks | 2 Globalprotect, Netconnect | 2024-11-21 | 5.8 MEDIUM | N/A |
| Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof portal servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2012-6605 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 9.0 HIGH | N/A |
| The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 34896. | |||||
| CVE-2012-6604 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 9.0 HIGH | N/A |
| The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 35249. | |||||
| CVE-2012-6603 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 10.0 HIGH | N/A |
| The web management UI in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to bypass authentication and obtain administrator privileges via unspecified vectors, aka Ref ID 37034. | |||||
| CVE-2012-6602 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 9.0 HIGH | N/A |
| The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 30122. | |||||
| CVE-2012-6601 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 10.0 HIGH | N/A |
| The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to execute arbitrary code via unspecified vectors, aka Ref ID 36983. | |||||
| CVE-2012-6600 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 9.0 HIGH | N/A |
| The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 34502. | |||||
| CVE-2012-6599 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 9.0 HIGH | N/A |
| The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 and 4.1.x before 4.1.1 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 33476. | |||||
| CVE-2012-6598 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 9.0 HIGH | N/A |
| The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 33080. | |||||