Paloaltonetworks

Pan-os

242 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2019-1581

  • EPSS 2.69%
  • Veröffentlicht 23.08.2019 18:15:11
  • Zuletzt bearbeitet 21.11.2024 04:36:51

A remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS. This issue affects PAN-OS 7.1 version...

7.2

CVE-2019-1582

  • EPSS 0.54%
  • Veröffentlicht 23.08.2019 18:15:11
  • Zuletzt bearbeitet 21.11.2024 04:36:51

Memory corruption in PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session.

8.1

CVE-2019-1579

Warnung Exploit
  • EPSS 92.88%
  • Veröffentlicht 19.07.2019 22:15:11
  • Zuletzt bearbeitet 04.11.2025 16:49:38

Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code...

8.8

CVE-2019-1575

  • EPSS 0.68%
  • Veröffentlicht 16.07.2019 14:15:12
  • Zuletzt bearbeitet 21.11.2024 04:36:50

Information disclosure in PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier may allow for an authenticated user with read-only privileges to extract the API key of the device and/or the us...

8.8

CVE-2019-1576

  • EPSS 5.22%
  • Veröffentlicht 16.07.2019 14:15:12
  • Zuletzt bearbeitet 21.11.2024 04:36:50

Command injection in PAN-0S 9.0.2 and earlier may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s permissions.

7.5

CVE-2019-1572

  • EPSS 0.46%
  • Veröffentlicht 26.03.2019 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:36:50

PAN-OS 9.0.0 may allow an unauthenticated remote user to access php files.

5.9

CVE-2019-1559

  • EPSS 4.96%
  • Veröffentlicht 27.02.2019 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:36:48

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid...

5.4

CVE-2019-1565

  • EPSS 0.32%
  • Veröffentlicht 30.01.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:36:49

The PAN-OS external dynamics lists in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an attacker that is authenticated in Next Generation Firewall with write privileges to External Dynamic List configura...

6.1

CVE-2019-1566

  • EPSS 1.11%
  • Veröffentlicht 30.01.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:36:49

The PAN-OS management web interface in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML.

6.1

CVE-2018-10141

  • EPSS 44.15%
  • Veröffentlicht 12.10.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:40:55

GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before 8.1.4 allows an unauthenticated attacker to inject arbitrary JavaScript or HTML.