← Back

Paloaltonetworks

paloaltonetworks

311 CVEs • 84 products

Products (84)

Click to collapse
Toggle
Pan Os
pan-os
212 CVEs
Globalprotect
globalprotect
34 CVEs
Cortex Xdr Agent
cortex_xdr_agent
19 CVEs
Expedition
expedition
16 CVEs
Cortex Xsoar
cortex_xsoar
9 CVEs
Prisma Access
prisma_access
8 CVEs
Prisma Cloud
prisma_cloud
4 CVEs
Terminal Services Agent
terminal_services_agent
3 CVEs
Traps
traps
3 CVEs
Expedition Migration Tool
expedition_migration_tool
3 CVEs
Secdo
secdo
3 CVEs
Bridgecrew Checkov
bridgecrew_checkov
2 CVEs
Netconnect
netconnect
1 CVE
Demisto
demisto
1 CVE
Minemeld
minemeld
1 CVE
Twistlock
twistlock
1 CVE
Vm Series
vm-series
1 CVE
Cortex Xsoar Commonscripts
cortex_xsoar_commonscripts
1 CVE
Pa 7050
pa-7050
0 CVEs
Pa 7080
pa-7080
0 CVEs
Pa 200
pa-200
0 CVEs
Pa 2020
pa-2020
0 CVEs
Pa 2050
pa-2050
0 CVEs
Pa 220
pa-220
0 CVEs
Pa 3020
pa-3020
0 CVEs
Pa 3050
pa-3050
0 CVEs
Pa 3060
pa-3060
0 CVEs
Pa 3220
pa-3220
0 CVEs
Pa 3250
pa-3250
0 CVEs
Pa 3260
pa-3260
0 CVEs
Pa 500
pa-500
0 CVEs
Pa 5200
pa-5200
0 CVEs
Pa 800
pa-800
0 CVEs
Vm Series Firewall
vm-series_firewall
0 CVEs
Panorama M 200
panorama_m-200
0 CVEs
Panorama M 500
panorama_m-500
0 CVEs
Panorama M 600
panorama_m-600
0 CVEs
Pa 5410
pa-5410
0 CVEs
Pa 5420
pa-5420
0 CVEs
Pa 5430
pa-5430
0 CVEs
Pa 5440
pa-5440
0 CVEs
Pa 5445
pa-5445
0 CVEs
Pa 1410
pa-1410
0 CVEs
Pa 1420
pa-1420
0 CVEs
Pa 3410
pa-3410
0 CVEs
Pa 3420
pa-3420
0 CVEs
Pa 3430
pa-3430
0 CVEs
Pa 3440
pa-3440
0 CVEs
Pa 410
pa-410
0 CVEs
Pa 410r
pa-410r
0 CVEs
Pa 410r 5g
pa-410r-5g
0 CVEs
Pa 415
pa-415
0 CVEs
Pa 415 5g
pa-415-5g
0 CVEs
Pa 440
pa-440
0 CVEs
Pa 445
pa-445
0 CVEs
Pa 450
pa-450
0 CVEs
Pa 450r
pa-450r
0 CVEs
Pa 450r 5g
pa-450r-5g
0 CVEs
Pa 455
pa-455
0 CVEs
Pa 455 5g
pa-455-5g
0 CVEs
Pa 455r 5g
pa-455r-5g
0 CVEs
Pa 460
pa-460
0 CVEs
Pa 501
pa-501
0 CVEs
Pa 505
pa-505
0 CVEs
Pa 510
pa-510
0 CVEs
Pa 520
pa-520
0 CVEs
Pa 540
pa-540
0 CVEs
Pa 545 Poe
pa-545-poe
0 CVEs
Pa 5450
pa-5450
0 CVEs
Pa 550
pa-550
0 CVEs
Pa 5540
pa-5540
0 CVEs
Pa 555 Poe
pa-555-poe
0 CVEs
Pa 5550
pa-5550
0 CVEs
Pa 5560
pa-5560
0 CVEs
Pa 5570
pa-5570
0 CVEs
Pa 5580
pa-5580
0 CVEs
Pa 560
pa-560
0 CVEs
Pa 7500
pa-7500
0 CVEs
Pa 7500 Dpc A
pa-7500-dpc-a
0 CVEs
Vm 100
vm-100
0 CVEs
Vm 300
vm-300
0 CVEs
Vm 50
vm-50
0 CVEs
Vm 500
vm-500
0 CVEs
Vm 700
vm-700
0 CVEs

CVEs (311)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-1583
1Paloaltonetworks
1Twistlock
Nov 21, 2024
Aug 23, 2019
N/A· v4
8.0 HIGH· v3
6.0 MEDIUM· v2
Escalation of privilege vulnerability in the Palo Alto Networks Twistlock console 19.07.358 and earlier allows a Twistlock user with Operator capabilities to escalate privileges to that of another user. Active interactio...Show more
Escalation of privilege vulnerability in the Palo Alto Networks Twistlock console 19.07.358 and earlier allows a Twistlock user with Operator capabilities to escalate privileges to that of another user. Active interaction with an affected component is required for the payload to execute on the victim.Show less
CVE-2019-1582
1Paloaltonetworks
1Pan Os
Nov 21, 2024
Aug 23, 2019
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
Memory corruption in PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session.
CVE-2019-1581
1Paloaltonetworks
1Pan Os
Nov 21, 2024
Aug 23, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS. This is...Show more
A remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS. This issue affects PAN-OS 7.1 versions prior to 7.1.24-h1, 7.1.25; 8.0 versions prior to 8.0.19-h1, 8.0.20; 8.1 versions prior to 8.1.9-h4, 8.1.10; 9.0 versions prior to 9.0.3-h3, 9.0.4.Show less
CVE-2019-1580
1Paloaltonetworks
1Pan Os
Nov 21, 2024
Aug 23, 2019
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Memory corruption in PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will allow a remote, unauthenticated user to craft a message to Secure Shell Daemon (SSHD)...Show more
Memory corruption in PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will allow a remote, unauthenticated user to craft a message to Secure Shell Daemon (SSHD) and corrupt arbitrary memory.Show less
CVE-2019-1579
1Paloaltonetworks
1Pan Os
Nov 4, 2025
Jul 19, 2019
N/A· v4
8.1 HIGH· v3
6.8 MEDIUM· v2
Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote atta...Show more
Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code.Show less
CVE-2019-1576
1Paloaltonetworks
1Pan Os
Nov 21, 2024
Jul 16, 2019
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
Command injection in PAN-0S 9.0.2 and earlier may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s permissions.
CVE-2019-1575
1Paloaltonetworks
1Pan Os
Nov 21, 2024
Jul 16, 2019
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
Information disclosure in PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier may allow for an authenticated user with read-only privileges to extract the API k...Show more
Information disclosure in PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier may allow for an authenticated user with read-only privileges to extract the API key of the device and/or the username/password from the XML API (in PAN-OS) and possibly escalate privileges granted to them.Show less
CVE-2019-1578
1Paloaltonetworks
1Minemeld
Nov 21, 2024
Jul 1, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting vulnerability in Palo Alto Networks MineMeld version 0.9.60 and earlier may allow a remote attacker able to convince an authenticated MineMeld admin to type malicious input in the MineMeld UI could e...Show more
Cross-site scripting vulnerability in Palo Alto Networks MineMeld version 0.9.60 and earlier may allow a remote attacker able to convince an authenticated MineMeld admin to type malicious input in the MineMeld UI could execute arbitrary JavaScript code in the admin’s browser.Show less
CVE-2019-1577
1Paloaltonetworks
1Traps
Nov 21, 2024
Jul 1, 2019
N/A· v4
6.3 MEDIUM· v3
6.5 MEDIUM· v2
Code injection vulnerability in Palo Alto Networks Traps 5.0.5 and earlier may allow an authenticated attacker to inject arbitrary JavaScript or HTML.
CVE-2019-1568
1Paloaltonetworks
1Demisto
Nov 21, 2024
May 9, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Palo Alto Networks Demisto 4.5 build 40249 may allow an unauthenticated attacker to run arbitrary JavaScript or HTML.
CVE-2019-1574
1Paloaltonetworks
1Expedition Migration Tool
Nov 21, 2024
Apr 12, 2019
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition Migration tool 1.1.12 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the Devices View.
CVE-2019-1573
1Paloaltonetworks
1Globalprotect
Nov 21, 2024
Apr 9, 2019
N/A· v4
2.5 LOW· v3
1.9 LOW· v2
GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to ac...Show more
GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user.Show less
CVE-2019-1567
1Paloaltonetworks
1Expedition Migration Tool
Nov 21, 2024
Apr 9, 2019
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
The Expedition Migration tool 1.1.6 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings.
CVE-2019-1571
1Paloaltonetworks
1Expedition
Nov 21, 2024
Mar 26, 2019
N/A· v4
4.8 MEDIUM· v3
3.5 LOW· v2
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings.
CVE-2019-1572
1Paloaltonetworks
1Pan Os
Nov 21, 2024
Mar 26, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
PAN-OS 9.0.0 may allow an unauthenticated remote user to access php files.
CVE-2019-1570
1Paloaltonetworks
1Expedition
Nov 21, 2024
Mar 26, 2019
N/A· v4
4.8 MEDIUM· v3
3.5 LOW· v2
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings.
CVE-2019-1569
1Paloaltonetworks
1Expedition
Nov 21, 2024
Mar 26, 2019
N/A· v4
4.8 MEDIUM· v3
3.5 LOW· v2
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user.
CVE-2019-1559
13Canonical
DebianF5+10 more
82A220 Firmware
A320 FirmwareA800 Firmware+79 more
Nov 21, 2024
Feb 27, 2019
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte r...Show more
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).Show less
CVE-2019-1566
1Paloaltonetworks
1Pan Os
Nov 21, 2024
Jan 30, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
The PAN-OS management web interface in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML.
CVE-2019-1565
1Paloaltonetworks
1Pan Os
Nov 21, 2024
Jan 30, 2019
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
The PAN-OS external dynamics lists in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an attacker that is authenticated in Next Generation Firewall with write privileges to E...Show more
The PAN-OS external dynamics lists in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an attacker that is authenticated in Next Generation Firewall with write privileges to External Dynamic List configuration to inject arbitrary JavaScript or HTML.Show less