Paloaltonetworks

Pan-os

226 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2016-8610

  • EPSS 69.1%
  • Veröffentlicht 13.11.2017 22:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL ser...

6.1

CVE-2017-12416

  • EPSS 0.59%
  • Veröffentlicht 07.09.2017 13:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Cross-site scripting (XSS) vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS before 6.1.18, 7.0.x before 7.0.17, 7.1.x before 7.1.12, and 8.0.x before 8.0.3 allows remote attackers to inject arbit...

9.8

CVE-2017-9458

  • EPSS 1.27%
  • Veröffentlicht 07.09.2017 13:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

XML external entity (XXE) vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS before 6.1.18, 7.0.x before 7.0.17, 7.1.x before 7.1.12, and 8.0.x before 8.0.3 allows remote attackers to obtain sensit...

6.1

CVE-2017-9459

  • EPSS 0.59%
  • Veröffentlicht 02.08.2017 19:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Cross-site scripting (XSS) vulnerability in the management web interface in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote attackers to inject arbitrary web script or HTML via unspe...

6.1

CVE-2017-9467

  • EPSS 0.59%
  • Veröffentlicht 02.08.2017 19:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Cross-site scripting (XSS) vulnerability in the GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote attackers to inject arbitrary web script or HTML v...

10

CVE-2017-8390

  • EPSS 14.68%
  • Veröffentlicht 02.08.2017 19:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The DNS Proxy in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote attackers to execute arbitrary code via a crafted domain name.

9.3

CVE-2015-6531

Exploit
  • EPSS 0.96%
  • Veröffentlicht 01.06.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Palo Alto Networks Panorama VM Appliance with PAN-OS before 6.0.1 might allow remote attackers to execute arbitrary Python code via a crafted firmware image file.

6.5

CVE-2017-7216

  • EPSS 0.22%
  • Veröffentlicht 02.05.2017 15:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to obtain sensitive information via unspecified request parameters.

6.5

CVE-2017-7644

  • EPSS 0.23%
  • Veröffentlicht 29.04.2017 00:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, and 7.1.x before 7.1.9 allows remote authenticated users to obtain sensitive information by leveraging incorrect permission validation, aka PAN-SA-2017-0013 a...

9.8

CVE-2017-7945

  • EPSS 0.44%
  • Veröffentlicht 29.04.2017 00:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which a...