paloaltonetworks

348 tracked vulnerabilities.

CVE-2020-2037 HIGH
PAN-OS 8.1.0-8.1.15 - Authenticated OS Command Injection
Sep 09, 2020
CVSS 7.2
EPSS 0.04
CVE-2020-2036 HIGH NUCLEI
PAN-OS 8.1.0-8.1.15 - Reflected Cross-Site Scripting in Management Web Interface
Sep 09, 2020
CVSS 8.8
EPSS 0.24
CVE-2020-2035 LOW
PAN-OS - Security Policy Bypass via SNI Field in TLS Client Hello
Aug 12, 2020
CVSS 3.0
EPSS 0.01
CVE-2020-2034 HIGH
PAN-OS 7.1.0-7.1.25 - Unauthenticated OS Command Injection via GlobalProtect Portal
Jul 08, 2020
CVSS 8.1
EPSS 0.07
CVE-2020-2031 MEDIUM
PAN-OS 9.1.0-9.1.2 - Authenticated Denial of Service via dnsproxyd Integer Underflow
Jul 08, 2020
CVSS 4.9
EPSS 0.01
CVE-2020-2030 HIGH
PAN-OS 7.1.0-7.1.25 and 8.0.x-8.1.14 - Authenticated OS Command Injection
Jul 08, 2020
CVSS 7.2
EPSS 0.03
CVE-2020-1982 MEDIUM
PAN-OS 8.0-8.0.19 - Inadequate Encryption Strength via TLS 1.0
Jul 08, 2020
CVSS 4.8
EPSS 0.00
CVE-2020-2021 CRITICAL KEV
PAN-OS 8.0.x < 8.0.20 - Unauthenticated SAML Authentication Bypass via Improper Signature Verification
Jun 29, 2020
CVSS 10.0
EPSS 0.04
CVE-2020-2033 MEDIUM
GlobalProtect 5.0.0-5.0.9 - Authentication Bypass via ARP Spoofing
Jun 10, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-2032 HIGH
Palo Alto Networks GlobalProtect < 5.0.10 - Privilege Escalation via Race Condition During Upgrade
Jun 10, 2020
CVSS 7.0
EPSS 0.00
CVE-2020-2029 HIGH
PAN-OS 7.1.0-7.1.25 - Authenticated OS Command Injection via Certificate Generation Request
Jun 10, 2020
CVSS 7.2
EPSS 0.02
CVE-2020-2028 HIGH
PAN-OS 7.1.0-7.1.25 and 8.0 - Authenticated OS Command Injection via Certificate Upload in FIPS-CC Mode
Jun 10, 2020
CVSS 7.2
EPSS 0.02
CVE-2020-2027 HIGH
PAN-OS 7.1.0-7.1.25 and 8.0 - Authenticated Stack-based Buffer Overflow in authd
Jun 10, 2020
CVSS 7.2
EPSS 0.02
CVE-2020-2018 CRITICAL
PAN-OS 7.1.0-7.1.25 - Authentication Bypass via Panorama Context Switching
May 13, 2020
CVSS 9.0
EPSS 0.01
CVE-2020-2017 HIGH
PAN-OS 7.1.0-7.1.25 - Authenticated DOM-Based Cross-Site Scripting
May 13, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-2016 HIGH
PAN-OS < 7.1.26, < 8.1.13, < 9.0.6 - Privilege Escalation via Insecure Temporary File Creation
May 13, 2020
CVSS 7.0
EPSS 0.01
CVE-2020-2015 HIGH
PAN-OS 7.1.0-7.1.25 - Authenticated Buffer Overflow in Management Server
May 13, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-2014 HIGH
PAN-OS 7.1.0-7.1.25 - Authenticated OS Command Injection
May 13, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-2013 HIGH
Palo Alto Networks PAN-OS 7.1.0-7.1.25 - Authenticated Cleartext Transmission of Session Cookie
May 13, 2020
CVSS 8.3
EPSS 0.01
CVE-2020-2012 HIGH
Palo Alto Networks Pan-OS 7.1.0-7.1.25 - Unauthenticated XML External Entity Injection
May 13, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-2011 HIGH
Palo Alto Networks PAN-OS 7.1.0-7.1.25 - Unauthenticated Denial of Service via Crafted Registration Request
May 13, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-2010 HIGH
PAN-OS 7.1.0-7.1.25 - Authenticated OS Command Injection
May 13, 2020
CVSS 7.2
EPSS 0.02
CVE-2020-2009 HIGH
Palo Alto Networks PAN-OS <8.1.14, <9.0.7 - Remote Code Execution
May 13, 2020
CVSS 7.2
EPSS 0.02
CVE-2020-2008 HIGH
PAN-OS 7.1.0-7.1.25 and 8.0 - Authenticated OS Command Injection and Arbitrary File Deletion
May 13, 2020
CVSS 7.2
EPSS 0.03
CVE-2020-2007 HIGH
PAN-OS 7.1.0-7.1.25 - Authenticated OS Command Injection
May 13, 2020
CVSS 7.2
EPSS 0.02