Filtered by vendor Paloaltonetworks
Subscriptions
Filtered by product Pan-os
Subscriptions
Total
189 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2012-6604 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A |
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 35249. | ||||
CVE-2012-6603 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A |
The web management UI in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to bypass authentication and obtain administrator privileges via unspecified vectors, aka Ref ID 37034. | ||||
CVE-2012-6602 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A |
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 30122. | ||||
CVE-2012-6601 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A |
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to execute arbitrary code via unspecified vectors, aka Ref ID 36983. | ||||
CVE-2012-6600 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A |
The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 34502. | ||||
CVE-2012-6599 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A |
The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 and 4.1.x before 4.1.1 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 33476. | ||||
CVE-2012-6598 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A |
The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 33080. | ||||
CVE-2012-6597 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A |
Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to cause a denial of service (management-server crash) by using the command-line interface for a crafted command, aka Ref ID 35254. | ||||
CVE-2012-6596 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A |
Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.3 stores cleartext LDAP bind passwords in authd.log, which allows context-dependent attackers to obtain sensitive information by reading this file, aka Ref ID 35493. | ||||
CVE-2012-6595 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A |
The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 34595. | ||||
CVE-2012-6594 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A |
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11, 4.0.x before 4.0.8, and 4.1.x before 4.1.1 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 34299. | ||||
CVE-2012-6593 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A |
Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 30088. | ||||
CVE-2012-6592 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A |
Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 31091. | ||||
CVE-2012-6591 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A |
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 31116. | ||||
CVE-2012-6590 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A |
The web-based management UI in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote attackers to obtain verbose error information via crafted input, aka Ref ID 33139. | ||||
CVE-2024-2551 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-19 | N/A |
A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode. | ||||
CVE-2024-5919 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-15 | N/A |
A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface. | ||||
CVE-2024-2552 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-15 | N/A |
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall. | ||||
CVE-2024-2550 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-15 | N/A |
A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode. | ||||
CVE-2024-5920 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-15 | N/A |
A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write Panorama administrator to push a specially crafted configuration to a PAN-OS node. This enables impersonation of a legitimate PAN-OS administrator who can perform restricted actions on the PAN-OS node after the execution of JavaScript in the legitimate PAN-OS administrator's browser. |