Vulnerabilities (CVE)

Filtered by vendor Paloaltonetworks Subscribe
Total 289 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-2219 1 Paloaltonetworks 1 Pan-os 2025-04-12 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in the management interface in Palo Alto Networks PAN-OS 7.x before 7.0.8 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-5195 7 Canonical, Debian, Fedoraproject and 4 more 18 Ubuntu Linux, Debian Linux, Fedora and 15 more 2025-04-12 7.2 HIGH 7.0 HIGH
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
CVE-2016-4971 4 Canonical, Gnu, Oracle and 1 more 4 Ubuntu Linux, Wget, Solaris and 1 more 2025-04-12 4.3 MEDIUM 8.8 HIGH
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
CVE-2016-3655 1 Paloaltonetworks 1 Pan-os 2025-04-12 10.0 HIGH 9.8 CRITICAL
The management web interface in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to execute arbitrary OS commands via an unspecified API call.
CVE-2012-6606 1 Paloaltonetworks 2 Globalprotect, Netconnect 2025-04-11 5.8 MEDIUM N/A
Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof portal servers and obtain sensitive information via a crafted certificate.
CVE-2012-6604 1 Paloaltonetworks 1 Pan-os 2025-04-11 9.0 HIGH N/A
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 35249.
CVE-2012-6596 1 Paloaltonetworks 1 Pan-os 2025-04-11 5.0 MEDIUM N/A
Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.3 stores cleartext LDAP bind passwords in authd.log, which allows context-dependent attackers to obtain sensitive information by reading this file, aka Ref ID 35493.
CVE-2012-6600 1 Paloaltonetworks 1 Pan-os 2025-04-11 9.0 HIGH N/A
The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 34502.
CVE-2012-6598 1 Paloaltonetworks 1 Pan-os 2025-04-11 9.0 HIGH N/A
The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 33080.
CVE-2012-6594 1 Paloaltonetworks 1 Pan-os 2025-04-11 9.0 HIGH N/A
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11, 4.0.x before 4.0.8, and 4.1.x before 4.1.1 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 34299.
CVE-2012-6590 1 Paloaltonetworks 1 Pan-os 2025-04-11 4.3 MEDIUM N/A
The web-based management UI in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote attackers to obtain verbose error information via crafted input, aka Ref ID 33139.
CVE-2012-6592 1 Paloaltonetworks 1 Pan-os 2025-04-11 10.0 HIGH N/A
Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 31091.
CVE-2012-6595 1 Paloaltonetworks 1 Pan-os 2025-04-11 9.0 HIGH N/A
The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 34595.
CVE-2012-6603 1 Paloaltonetworks 1 Pan-os 2025-04-11 10.0 HIGH N/A
The web management UI in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to bypass authentication and obtain administrator privileges via unspecified vectors, aka Ref ID 37034.
CVE-2012-6591 1 Paloaltonetworks 1 Pan-os 2025-04-11 9.0 HIGH N/A
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 31116.
CVE-2012-6599 1 Paloaltonetworks 1 Pan-os 2025-04-11 9.0 HIGH N/A
The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 and 4.1.x before 4.1.1 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 33476.
CVE-2012-6605 1 Paloaltonetworks 1 Pan-os 2025-04-11 9.0 HIGH N/A
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 34896.
CVE-2012-6602 1 Paloaltonetworks 1 Pan-os 2025-04-11 9.0 HIGH N/A
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 30122.
CVE-2012-6601 1 Paloaltonetworks 1 Pan-os 2025-04-11 10.0 HIGH N/A
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to execute arbitrary code via unspecified vectors, aka Ref ID 36983.
CVE-2013-5663 1 Paloaltonetworks 1 Pan-os 2025-04-11 4.3 MEDIUM N/A
The App-ID cache feature in Palo Alto Networks PAN-OS before 4.0.14, 4.1.x before 4.1.11, and 5.0.x before 5.0.2 allows remote attackers to bypass intended security policies via crafted requests that trigger invalid caching, as demonstrated by incorrect identification of HTTP traffic as SIP traffic, aka Ref ID 47195.