Paloaltonetworks

Pan-os

226 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.6

CVE-2018-9242

  • EPSS 0.1%
  • Published 03.07.2018 21:29:00
  • Last modified 21.11.2024 04:15:11

The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier may allow an attacker to delete files in the system via specific request parameters.

5.5

CVE-2018-9334

  • EPSS 0.11%
  • Published 03.07.2018 21:29:00
  • Last modified 21.11.2024 04:15:21

The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.8 and earlier, and PAN-OS 8.1.0 may allow an attacker to access the GlobalProtect password hashes of local users via manipulation of the HTML...

5.4

CVE-2018-9335

  • EPSS 0.36%
  • Published 03.07.2018 21:29:00
  • Last modified 21.11.2024 04:15:21

The PAN-OS session browser in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier, and PAN-OS 8.1.1 and earlier may allow an attacker to inject arbitrary JavaScript or HTML.

6.1

CVE-2017-15941

  • EPSS 0.59%
  • Published 10.01.2018 18:29:01
  • Last modified 21.11.2024 03:15:29

Cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.7, when the GlobalProtect gateway or portal is configured, allows remote attackers to inject arbitrary...

6.1

CVE-2017-16878

  • EPSS 0.24%
  • Published 10.01.2018 18:29:01
  • Last modified 21.11.2024 03:17:09

Cross-site scripting (XSS) vulnerability in the Captive Portal function in Palo Alto Networks PAN-OS before 8.0.7 allows remote attackers to inject arbitrary web script or HTML by leveraging an unspecified configuration.

5.9

CVE-2017-17841

  • EPSS 1.46%
  • Published 10.01.2018 18:29:01
  • Last modified 21.11.2024 03:18:47

Palo Alto Networks PAN-OS 6.1, 7.1, and 8.0.x before 8.0.7, when an interface implements SSL decryption with RSA enabled or hosts a GlobalProtect portal or gateway, might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenb...

9.8

CVE-2017-15940

  • EPSS 6.14%
  • Published 11.12.2017 17:29:00
  • Last modified 20.04.2025 01:37:25

The web interface packet capture management component in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote authenticated users to execute arbitrary code via unspecified vectors.

7.5

CVE-2017-15942

  • EPSS 1.41%
  • Published 11.12.2017 17:29:00
  • Last modified 20.04.2025 01:37:25

Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.13, and 8.0.x before 8.0.6 allows remote attackers to cause a denial of service via vectors related to the management interface.

5.3

CVE-2017-15943

  • EPSS 0.57%
  • Published 11.12.2017 17:29:00
  • Last modified 20.04.2025 01:37:25

The configuration file import for applications, spyware and vulnerability objects functionality in the web interface in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, and 7.1.x before 7.1.14 allows remote attackers to conduct server-si...

9.8

CVE-2017-15944

Warning Exploit
  • EPSS 93.89%
  • Published 11.12.2017 17:29:00
  • Last modified 30.07.2025 02:15:36

Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface.