paloaltonetworks

348 tracked vulnerabilities.

CVE-2024-9465 CRITICAL KEVNUCLEI
Palo Alto Networks Expedition 1.2.0-1.2.95 - Unauthenticated SQL Injection and Arbitrary File Write
Oct 09, 2024
CVSS 9.1
EPSS 1.00
CVE-2024-9464 MEDIUM
Palo Alto Networks Expedition 1.2.0-1.2.95 - Authenticated OS Command Injection
Oct 09, 2024
CVSS 6.5
EPSS 0.82
CVE-2024-9463 HIGH KEVNUCLEI
Palo Alto Networks Expedition 1.2.0-1.2.95 - Unauthenticated OS Command Injection
Oct 09, 2024
CVSS 7.5
EPSS 0.98
CVE-2024-8691 HIGH
Palo Alto Networks PAN-OS - Privilege Escalation
Sep 11, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-8690 MEDIUM
Palo Alto Networks Cortex XDR < - Privilege Escalation
Sep 11, 2024
CVSS 4.4
EPSS 0.00
CVE-2024-8688 MEDIUM
Palo Alto Networks PAN-OS - Info Disclosure
Sep 11, 2024
CVSS 4.4
EPSS 0.00
CVE-2024-8687 HIGH
Palo Alto Networks PAN-OS - Info Disclosure
Sep 11, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-8686 HIGH
Palo Alto Networks PAN-OS - Command Injection
Sep 11, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-5916 MEDIUM
Palo Alto Networks PAN-OS - Info Disclosure
Aug 14, 2024
CVSS 4.4
EPSS 0.00
CVE-2024-5915 HIGH
GlobalProtect 5.1.0-5.1.8 - Privilege Escalation
Aug 14, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-5914 CRITICAL
Cortex XSOAR CommonScripts < 1.12.33 - Unauthenticated Command Injection
Aug 14, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-5913 MEDIUM
Palo Alto Networks PAN-OS 10.1.0-10.1.13 - Privilege Escalation via Physical File System Tampering
Jul 10, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-5911 MEDIUM
Palo Alto Networks Pan-OS 10.1.0-10.1.8 - Authenticated Arbitrary File Upload
Jul 10, 2024
CVSS 4.9
EPSS 0.01
CVE-2024-5910 CRITICAL KEVNUCLEI
Palo Alto Expedition Remote Code Execution (CVE-2024-5910 and CVE-2024-9464)
Jul 10, 2024
CVSS 9.8
EPSS 0.92
CVE-2024-5909 MEDIUM
Cortex XDR Agent 7.9-7.9.101 and 8.1-8.1.1 - Local Privilege Escalation via Agent Disabling
Jun 12, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-5908 HIGH
GlobalProtect 5.1-5.1.11 - Sensitive Information Exposure in Application Logs
Jun 12, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-5907 HIGH
Palo Alto Networks Cortex XDR Agent 7.9-7.9.101 and 8.1-8.2.2 - Local Privilege Escalation via Race Condition
Jun 12, 2024
CVSS 7.0
EPSS 0.00
CVE-2024-5906 MEDIUM
Prisma Cloud < 32.05.124 - Stored Cross-Site Scripting via Identity Provider Configuration
Jun 12, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-5905 MEDIUM
Cortex XDR Agent 7.9.0-7.9.101 and 8.1-8.1.1 - Local Denial of Service via Protection Mechanism Bypass
Jun 12, 2024
CVSS 4.4
EPSS 0.00
CVE-2024-3661 HIGH
FortiClient 6.4.0-7.2.4 - Unauthenticated VPN Traffic Leak via DHCP Classless Static Route Option
May 06, 2024
CVSS 7.6
EPSS 0.04
CVE-2024-3400 CRITICAL KEVNUCLEI
Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution
Apr 12, 2024
CVSS 10.0
EPSS 1.00
CVE-2024-3388 MEDIUM
Palo Alto Networks PAN-OS - Privilege Escalation
Apr 10, 2024
CVSS 4.1
EPSS 0.00
CVE-2024-3387 MEDIUM
Palo Alto Networks Panorama - Info Disclosure
Apr 10, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-3386 MEDIUM
Palo Alto Networks PAN-OS - Info Disclosure
Apr 10, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-3385 HIGH
Palo Alto Networks PAN-OS PA-5400/PA-7000 - Packet Processing Denial of Service
Apr 10, 2024
CVSS 7.5
EPSS 0.01