Total
168 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-17437 | 1 Paloaltonetworks | 1 Pan-os | 2019-12-13 | 4.6 MEDIUM | 7.8 HIGH |
| An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser. This issue affects PAN-OS 7.1 versions prior to 7.1.25; 8.0 versions prior to 8.0.20; 8.1 versions prior to 8.1.11; 9.0 versions prior to 9.0.5. PAN-OS version 7.0 and prior EOL versions have not been evaluated for this issue. | |||||
| CVE-2019-1581 | 1 Paloaltonetworks | 1 Pan-os | 2019-12-05 | 7.5 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS. This issue affects PAN-OS 7.1 versions prior to 7.1.24-h1, 7.1.25; 8.0 versions prior to 8.0.19-h1, 8.0.20; 8.1 versions prior to 8.1.9-h4, 8.1.10; 9.0 versions prior to 9.0.3-h3, 9.0.4. | |||||
| CVE-2018-18065 | 5 Canonical, Debian, Net-snmp and 2 more | 10 Ubuntu Linux, Debian Linux, Net-snmp and 7 more | 2019-10-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| _set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. | |||||
| CVE-2017-7218 | 1 Paloaltonetworks | 1 Pan-os | 2019-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters. | |||||
| CVE-2017-7409 | 1 Paloaltonetworks | 1 Pan-os | 2017-07-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| Palo Alto Networks PAN-OS before 7.0.15 has XSS in the GlobalProtect external interface via crafted request parameters, aka PAN-SA-2017-0011 and PAN-70674. | |||||
| CVE-2017-7217 | 1 Paloaltonetworks | 1 Pan-os | 2017-07-11 | 4.0 MEDIUM | 4.3 MEDIUM |
| The Management Web Interface in Palo Alto Networks PAN-OS before 7.0.14 and 7.1.x before 7.1.9 allows remote attackers to write to export files via unspecified parameters. | |||||
| CVE-2015-6531 | 1 Paloaltonetworks | 1 Pan-os | 2017-06-08 | 9.3 HIGH | 7.8 HIGH |
| Palo Alto Networks Panorama VM Appliance with PAN-OS before 6.0.1 might allow remote attackers to execute arbitrary Python code via a crafted firmware image file. | |||||
| CVE-2015-4162 | 1 Paloaltonetworks | 1 Pan-os | 2016-11-28 | 4.0 MEDIUM | N/A |
| XML external entity (XXE) vulnerability in the management interface in PAN-OS before 5.0.16, 6.x before 6.0.8, and 6.1.x before 6.1.4 allows remote authenticated administrators to obtain sensitive information via crafted XML data. | |||||