paloaltonetworks
348 tracked vulnerabilities.
CVE-2025-0114
HIGH
Palo Alto Networks PAN-OS >= 10.1.0 < 10.1.14 - Unauthenticated Denial of Service via GlobalProtect Packet Flood
Mar 12, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-0111
MEDIUM
KEV
Palo Alto Networks PAN-OS - Info Disclosure
Feb 12, 2025
CVSS 6.5
EPSS 0.02
CVE-2025-0108
CRITICAL
KEVNUCLEI
Palo Alto Networks PAN-OS - Auth Bypass
Feb 12, 2025
CVSS 9.1
EPSS 0.98
CVE-2025-0107
CRITICAL
NUCLEI
Palo Alto Networks Expedition - Command Injection
Jan 11, 2025
CVSS 9.8
EPSS 0.78
CVE-2025-0106
MEDIUM
Palo Alto Networks Expedition - Info Disclosure
Jan 11, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-0105
CRITICAL
Palo Alto Networks Expedition - Info Disclosure
Jan 11, 2025
CVSS 9.1
EPSS 0.13
CVE-2025-0104
MEDIUM
Palo Alto Networks Expedition - XSS
Jan 11, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-0103
HIGH
Palo Alto Networks Expedition - SQL Injection
Jan 11, 2025
CVSS 8.8
EPSS 0.01
CVE-2024-3393
HIGH
KEV
Palo Alto Networks PAN-OS >= 11.1.0 < 11.1.1 - Unauthenticated Denial of Service via Malicious DNS Packet
Dec 27, 2024
CVSS 7.5
EPSS 0.27
CVE-2024-5921
HIGH
Palo Alto Networks GlobalProtect - Improper Certificate Validation
Nov 27, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-9474
HIGH
KEVNUCLEI
PAN-OS >=10.1.0 <10.1.14 - Authenticated Privilege Escalation to Root via Management Interface
Nov 18, 2024
CVSS 7.2
EPSS 0.95
CVE-2024-0012
CRITICAL
KEVNUCLEI
Palo Alto Networks PAN-OS 10.2 11.0 11.1 11.2 - Unauthenticated Authentication Bypass
Nov 18, 2024
CVSS 9.8
EPSS 1.00
CVE-2024-5920
MEDIUM
Palo Alto Networks PAN-OS 10.1.0-10.1.13 - Authenticated Stored Cross-Site Scripting via Configuration Push
Nov 14, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-5919
MEDIUM
PAN-OS 10.1.0-10.1.9 - Authenticated XML External Entity Injection
Nov 14, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-5918
MEDIUM
Palo Alto Networks PAN-OS - Improper Certificate Validation in GlobalProtect Portal/Gateway
Nov 14, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-5917
MEDIUM
PAN-OS 10.1.0-10.1.6 - Authenticated Server-Side Request Forgery via Administrative Web Interface
Nov 14, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-2552
MEDIUM
PAN-OS >=10.2.0 <10.2.7 - Authenticated Command Injection via Management Plane
Nov 14, 2024
CVSS 6.0
EPSS 0.00
CVE-2024-2551
HIGH
Palo Alto Networks PAN-OS 10.1.0-10.1.13 - Unauthenticated Denial of Service via Crafted Data Plane Packet
Nov 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-2550
HIGH
Palo Alto Networks PAN-OS 10.2.0-10.2.6 DoS via GlobalProtect Gateway Null Pointer Dereference
Nov 14, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-9473
HIGH
Palo Alto Networks GlobalProtect - Privilege Escalation via MSI Installer Repair Functionality
Oct 09, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-9471
MEDIUM
Palo Alto Networks PAN-OS 9.0.0-9.9.9 - Authenticated Privilege Escalation via XML API Key Misuse
Oct 09, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-9469
MEDIUM
Cortex XDR Agent 7.9-7.9.101 - Detection Mechanism Bypass via Non-Administrative Privileges
Oct 09, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-9468
HIGH
Palo Alto Networks PAN-OS >= 10.2.0 < 10.2.4 - Unauthenticated Denial of Service via Crafted Data Plane Packet
Oct 09, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-9467
MEDIUM
Palo Alto Networks Expedition 1.2.0-1.2.95 - Reflected Cross-Site Scripting
Oct 09, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-9466
MEDIUM
Palo Alto Networks Expedition 1.2.0-1.2.95 - Authenticated Sensitive Information Disclosure in Log Files
Oct 09, 2024
CVSS 6.5
EPSS 0.11
Products
pan-os 226
globalprotect 35
cortex_xdr_agent 20
expedition 16
cortex_xsoar 11
prisma_access 8
prisma_cloud 4
expedition_migration_tool 3
idira_endpoint_privilege_manager 3
secdo 3
terminal_services_agent 3
traps 3
bridgecrew_checkov 2
prisma_access_agent 2
trust_protection_foundation 2
autonomous_digital_experience_manager 1
broker_vm 1
chronosphere_collector 1
cloud_ngfw 1
cortex_xsiam 1
cortex_xsiam_commvaultsecurityiq_marketplace 1
cortex_xsoar_commonscripts 1
cortex_xsoar_commvaultsecurityiq_marketplace 1
demisto 1
idira_identity_browser_extension 1
idira_privilege_cloud_connector 1
idira_privileged_access_manager_vault 1
idira_privileged_session_manager 1
idira_privileged_session_manager_for_ssh 1
idira_secrets_manager 1
Quick Filters