CVE-2026-0256
- EPSS 0.04%
- Veröffentlicht 13.05.2026 18:18:05
- Zuletzt bearbeitet 14.05.2026 16:21:23
A stored cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series...
CVE-2026-0261
- EPSS 0.08%
- Veröffentlicht 13.05.2026 17:59:31
- Zuletzt bearbeitet 14.05.2026 16:21:23
Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have acce...
CVE-2026-0265
- EPSS 0.08%
- Veröffentlicht 13.05.2026 17:38:33
- Zuletzt bearbeitet 13.05.2026 18:17:47
An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled. The risk is higher if CAS i...
CVE-2026-0300
- EPSS 14.43%
- Veröffentlicht 06.05.2026 18:57:39
- Zuletzt bearbeitet 12.05.2026 18:47:21
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series ...
CVE-2020-1978
- EPSS 0.09%
- Veröffentlicht 08.04.2020 19:15:13
- Zuletzt bearbeitet 21.11.2024 05:11:46
TechSupport files generated on Palo Alto Networks VM Series firewalls for Microsoft Azure platform configured with high availability (HA) inadvertently collect Azure dashboard service account credentials. These credentials are equivalent to the crede...