← Back

Paloaltonetworks

paloaltonetworks

311 CVEs • 84 products

Products (84)

Click to collapse
Toggle
Pan Os
pan-os
212 CVEs
Globalprotect
globalprotect
34 CVEs
Cortex Xdr Agent
cortex_xdr_agent
19 CVEs
Expedition
expedition
16 CVEs
Cortex Xsoar
cortex_xsoar
9 CVEs
Prisma Access
prisma_access
8 CVEs
Prisma Cloud
prisma_cloud
4 CVEs
Terminal Services Agent
terminal_services_agent
3 CVEs
Traps
traps
3 CVEs
Expedition Migration Tool
expedition_migration_tool
3 CVEs
Secdo
secdo
3 CVEs
Bridgecrew Checkov
bridgecrew_checkov
2 CVEs
Netconnect
netconnect
1 CVE
Demisto
demisto
1 CVE
Minemeld
minemeld
1 CVE
Twistlock
twistlock
1 CVE
Vm Series
vm-series
1 CVE
Cortex Xsoar Commonscripts
cortex_xsoar_commonscripts
1 CVE
Pa 7050
pa-7050
0 CVEs
Pa 7080
pa-7080
0 CVEs
Pa 200
pa-200
0 CVEs
Pa 2020
pa-2020
0 CVEs
Pa 2050
pa-2050
0 CVEs
Pa 220
pa-220
0 CVEs
Pa 3020
pa-3020
0 CVEs
Pa 3050
pa-3050
0 CVEs
Pa 3060
pa-3060
0 CVEs
Pa 3220
pa-3220
0 CVEs
Pa 3250
pa-3250
0 CVEs
Pa 3260
pa-3260
0 CVEs
Pa 500
pa-500
0 CVEs
Pa 5200
pa-5200
0 CVEs
Pa 800
pa-800
0 CVEs
Vm Series Firewall
vm-series_firewall
0 CVEs
Panorama M 200
panorama_m-200
0 CVEs
Panorama M 500
panorama_m-500
0 CVEs
Panorama M 600
panorama_m-600
0 CVEs
Pa 5410
pa-5410
0 CVEs
Pa 5420
pa-5420
0 CVEs
Pa 5430
pa-5430
0 CVEs
Pa 5440
pa-5440
0 CVEs
Pa 5445
pa-5445
0 CVEs
Pa 1410
pa-1410
0 CVEs
Pa 1420
pa-1420
0 CVEs
Pa 3410
pa-3410
0 CVEs
Pa 3420
pa-3420
0 CVEs
Pa 3430
pa-3430
0 CVEs
Pa 3440
pa-3440
0 CVEs
Pa 410
pa-410
0 CVEs
Pa 410r
pa-410r
0 CVEs
Pa 410r 5g
pa-410r-5g
0 CVEs
Pa 415
pa-415
0 CVEs
Pa 415 5g
pa-415-5g
0 CVEs
Pa 440
pa-440
0 CVEs
Pa 445
pa-445
0 CVEs
Pa 450
pa-450
0 CVEs
Pa 450r
pa-450r
0 CVEs
Pa 450r 5g
pa-450r-5g
0 CVEs
Pa 455
pa-455
0 CVEs
Pa 455 5g
pa-455-5g
0 CVEs
Pa 455r 5g
pa-455r-5g
0 CVEs
Pa 460
pa-460
0 CVEs
Pa 501
pa-501
0 CVEs
Pa 505
pa-505
0 CVEs
Pa 510
pa-510
0 CVEs
Pa 520
pa-520
0 CVEs
Pa 540
pa-540
0 CVEs
Pa 545 Poe
pa-545-poe
0 CVEs
Pa 5450
pa-5450
0 CVEs
Pa 550
pa-550
0 CVEs
Pa 5540
pa-5540
0 CVEs
Pa 555 Poe
pa-555-poe
0 CVEs
Pa 5550
pa-5550
0 CVEs
Pa 5560
pa-5560
0 CVEs
Pa 5570
pa-5570
0 CVEs
Pa 5580
pa-5580
0 CVEs
Pa 560
pa-560
0 CVEs
Pa 7500
pa-7500
0 CVEs
Pa 7500 Dpc A
pa-7500-dpc-a
0 CVEs
Vm 100
vm-100
0 CVEs
Vm 300
vm-300
0 CVEs
Vm 50
vm-50
0 CVEs
Vm 500
vm-500
0 CVEs
Vm 700
vm-700
0 CVEs

CVEs (311)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2016-9150
1Paloaltonetworks
1Pan Os
May 6, 2026
Nov 19, 2016
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 allows remote attacke...Show more
Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 allows remote attackers to execute arbitrary code via unspecified vectors.Show less
CVE-2016-9149
1Paloaltonetworks
1Pan Os
May 6, 2026
Nov 19, 2016
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
The Addresses Object parser in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 mishandles single quote characters, which...Show more
The Addresses Object parser in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 mishandles single quote characters, which allows remote authenticated users to conduct XPath injection attacks via a crafted string.Show less
CVE-2016-5195
7Canonical
DebianFedoraproject+4 more
18Cloud Backup
Debian LinuxEnterprise Linux+15 more
Apr 21, 2026
Nov 10, 2016
N/A· v4
7.0 HIGH· v3
7.2 HIGH· v2
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping,...Show more
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."Show less
CVE-2016-1712
1Paloaltonetworks
1Pan Os
May 6, 2026
Aug 2, 2016
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
Palo Alto Networks PAN-OS before 5.0.19, 5.1.x before 5.1.12, 6.0.x before 6.0.14, 6.1.x before 6.1.12, and 7.0.x before 7.0.8 might allow local users to gain privileges by leveraging improper sanitization of the root_re...Show more
Palo Alto Networks PAN-OS before 5.0.19, 5.1.x before 5.1.12, 6.0.x before 6.0.14, 6.1.x before 6.1.12, and 7.0.x before 7.0.8 might allow local users to gain privileges by leveraging improper sanitization of the root_reboot local invocation.Show less
CVE-2016-2219
1Paloaltonetworks
1Pan Os
May 6, 2026
Jul 12, 2016
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Cross-site scripting (XSS) vulnerability in the management interface in Palo Alto Networks PAN-OS 7.x before 7.0.8 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-4971
4Canonical
GnuOracle+1 more
4Pan Os
SolarisUbuntu Linux+1 more
May 6, 2026
Jun 30, 2016
N/A· v4
8.8 HIGH· v3
4.3 MEDIUM· v2
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
CVE-2016-3657
1Paloaltonetworks
1Pan Os
May 6, 2026
Apr 12, 2016
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Buffer overflow in the GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to cause a denial of service (device crash)...Show more
Buffer overflow in the GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to cause a denial of service (device crash) or possibly execute arbitrary code via an SSL VPN request.Show less
CVE-2016-3656
1Paloaltonetworks
1Pan Os
May 6, 2026
Apr 12, 2016
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
The GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote attackers to cause a denial of service (service crash) via a crafted r...Show more
The GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote attackers to cause a denial of service (service crash) via a crafted request.Show less
CVE-2016-3655
1Paloaltonetworks
1Pan Os
May 6, 2026
Apr 12, 2016
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
The management web interface in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to execute arbitrary OS commands via an unspecified API ca...Show more
The management web interface in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to execute arbitrary OS commands via an unspecified API call.Show less
CVE-2016-3654
1Paloaltonetworks
1Pan Os
May 6, 2026
Apr 12, 2016
N/A· v4
7.2 HIGH· v3
9.0 HIGH· v2
The device management command line interface (CLI) in Palo Alto Networks PAN-OS before 5.0.18, 5.1.x before 5.1.11, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote authenticated administr...Show more
The device management command line interface (CLI) in Palo Alto Networks PAN-OS before 5.0.18, 5.1.x before 5.1.11, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote authenticated administrators to execute arbitrary OS commands via an SSH command parameter.Show less
CVE-2015-4162
1Paloaltonetworks
1Pan Os
May 6, 2026
Jun 2, 2015
N/A· v4
N/A· v3
4.0 MEDIUM· v2
XML external entity (XXE) vulnerability in the management interface in PAN-OS before 5.0.16, 6.x before 6.0.8, and 6.1.x before 6.1.4 allows remote authenticated administrators to obtain sensitive information via crafted...Show more
XML external entity (XXE) vulnerability in the management interface in PAN-OS before 5.0.16, 6.x before 6.0.8, and 6.1.x before 6.1.4 allows remote authenticated administrators to obtain sensitive information via crafted XML data.Show less
CVE-2014-3764
1Paloaltonetworks
1Pan Os
May 6, 2026
Jan 6, 2015
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the web-based device management interface in Palo Alto Networks PAN-OS before 5.0.15, 5.1.x before 5.1.10, and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary we...Show more
Cross-site scripting (XSS) vulnerability in the web-based device management interface in Palo Alto Networks PAN-OS before 5.0.15, 5.1.x before 5.1.10, and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Ref ID 64563.Show less
CVE-2013-5664
1Paloaltonetworks
1Pan Os
Apr 29, 2026
Aug 31, 2013
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the web-based device-management API browser in Palo Alto Networks PAN-OS before 4.1.13 and 5.0.x before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via...Show more
Cross-site scripting (XSS) vulnerability in the web-based device-management API browser in Palo Alto Networks PAN-OS before 4.1.13 and 5.0.x before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via crafted data, aka Ref ID 50908.Show less
CVE-2013-5663
1Paloaltonetworks
1Pan Os
Apr 29, 2026
Aug 31, 2013
N/A· v4
N/A· v3
4.3 MEDIUM· v2
The App-ID cache feature in Palo Alto Networks PAN-OS before 4.0.14, 4.1.x before 4.1.11, and 5.0.x before 5.0.2 allows remote attackers to bypass intended security policies via crafted requests that trigger invalid cach...Show more
The App-ID cache feature in Palo Alto Networks PAN-OS before 4.0.14, 4.1.x before 4.1.11, and 5.0.x before 5.0.2 allows remote attackers to bypass intended security policies via crafted requests that trigger invalid caching, as demonstrated by incorrect identification of HTTP traffic as SIP traffic, aka Ref ID 47195.Show less
CVE-2012-6606
1Paloaltonetworks
2Globalprotect
Netconnect
Apr 29, 2026
Aug 31, 2013
N/A· v4
N/A· v3
5.8 MEDIUM· v2
Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof portal servers and obtain sensitive information via a...Show more
Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof portal servers and obtain sensitive information via a crafted certificate.Show less
CVE-2012-6605
1Paloaltonetworks
1Pan Os
Apr 29, 2026
Aug 31, 2013
N/A· v4
N/A· v3
9.0 HIGH· v2
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 34896.
CVE-2012-6604
1Paloaltonetworks
1Pan Os
Apr 29, 2026
Aug 31, 2013
N/A· v4
N/A· v3
9.0 HIGH· v2
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 35249.
CVE-2012-6603
1Paloaltonetworks
1Pan Os
Apr 29, 2026
Aug 31, 2013
N/A· v4
N/A· v3
10.0 HIGH· v2
The web management UI in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to bypass authentication and obtain administrator privileges via unspecified vectors,...Show more
The web management UI in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to bypass authentication and obtain administrator privileges via unspecified vectors, aka Ref ID 37034.Show less
CVE-2012-6602
1Paloaltonetworks
1Pan Os
Apr 29, 2026
Aug 31, 2013
N/A· v4
N/A· v3
9.0 HIGH· v2
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 30122.
CVE-2012-6601
1Paloaltonetworks
1Pan Os
Apr 29, 2026
Aug 31, 2013
N/A· v4
N/A· v3
10.0 HIGH· v2
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to execute arbitrary code via unspecified vectors, aka Ref ID 3...Show more
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to execute arbitrary code via unspecified vectors, aka Ref ID 36983.Show less