Lucene search
+L

53 matches found

nessus
nessus
added 2026/05/13 12:0 a.m.15 views

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS software enable an authenticated administrator t...

8.6CVSS6AI score0.01403EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/02/11 5:56 p.m.5 views

CVE-2026-0229

A denial-of-service DoS vulnerability in the Advanced DNS Security ADNS feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance...

8.7CVSS5.5AI score0.0056EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/02/11 5:56 p.m.48 views

CVE-2026-0229

CVE-2026-0229 is a DoS vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS software. It allows an unauthenticated attacker to reboot the firewall by sending a maliciously crafted packet; repeated reboot attempts can drive the device into maintenance mode. Cloud ...

8.7CVSS5.5AI score0.0056EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/02/11 12:0 a.m.16 views

PT-2026-7632

Name of the Vulnerable Software and Affected Versions Palo Alto Networks PAN-OS versions affected versions not specified Description A denial-of-service DoS condition exists in the Advanced DNS Security ADNS feature of Palo Alto Networks PAN-OS software. An unauthenticated attacker can exploit th...

8.7CVSS5.5AI score0.0056EPSS
Exploits0References9
euvd
euvd
added 2025/11/13 9:31 p.m.4 views

EUVD-2025-175383

A denial-of-service DoS vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. This issue is...

8.7CVSS6.5AI score0.00555EPSS
Exploits0References2
cve
cve
added 2025/11/13 8:24 p.m.37 views

CVE-2025-4619

CVE-2025-4619 describes a DoS in Palo Alto Networks PAN-OS where an unauthenticated attacker can reboot a firewall by sending a specially crafted dataplane packet, with repeated attempts causing maintenance mode. Affected products include PAN-OS running on PA-Series firewalls, VM-Series firewalls...

8.7CVSS6.6AI score0.00555EPSS
Exploits0References1
euvd
euvd
added 2025/10/09 9:31 p.m.7 views

EUVD-2025-33583

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. The security risk posed by this issue is significantly minimized when CLI...

7CVSS6.7AI score0.00737EPSS
Exploits2References2
nvd
nvd
added 2025/10/09 7:15 p.m.7 views

CVE-2025-4614

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security risk posed by this issue...

4.8CVSS0.00225EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/10/09 6:28 p.m.3 views

CVE-2025-4615 PAN-OS: Improper Neutralization of Input in the Management Web Interface

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. The security risk posed by this issue is significantly minimized when CLI...

7CVSS6.8AI score0.00737EPSS
Exploits2References1
cvelist
cvelist
added 2025/10/09 6:13 p.m.11 views

CVE-2025-4614 PAN-OS: Session Token Disclosure Vulnerability

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security risk posed by this issue...

4.8CVSS0.00225EPSS
Exploits0References1
nessus
nessus
added 2025/10/08 12:0 a.m.6 views

Palo Alto Networks PAN-OS 10.2.x < 10.2.17 / 11.1.x < 11.1.12 / 11.2.x < 11.2.8 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 10.2.x prior to 10.2.17, 11.1.x prior to 11.1.12, or 11.2.x prior to 11.2.8. It is, therefore, affected by a vulnerability. An information disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated...

4.8CVSS6AI score0.00225EPSS
Exploits0References2
attackerkb
attackerkb
added 2025/06/13 12:15 a.m.1 views

CVE-2025-4230

A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI. The security risk posed by this...

8.4CVSS6AI score0.00637EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
added 2025/06/13 12:15 a.m.3 views

CVE-2025-4231

A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must have network access to the management web interface and successfully authenticate to exploit this issue. Cloud NGFW and Prisma Access...

8.6CVSS5.8AI score0.01033EPSS
Exploits0References2Affected Software1
osv
osv
added 2025/05/14 6:15 p.m.5 views

CVE-2025-0130

A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this...

7.5CVSS5.8AI score0.00358EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/05/12 12:0 a.m.4 views

Radware Cloud Web Application Firewall 安全漏洞

Radware Cloud Web Application Firewall is a cloud-based web application firewall from Radware Israel. A security vulnerability exists in versions of Radware Cloud Web Application Firewall prior to 2025-05-07, which stems from the addition of special characters to a request may bypass firewall...

9.1CVSS8.6AI score0.00543EPSS
Exploits0References3
akamaiblog
akamaiblog
added 2025/02/06 4:0 p.m.5 views

Managed Network Cloud Firewall: Comprehensive Protection for Network Attack Surface

...

7.3AI score
Exploits0
osv
osv
added 2024/04/12 8:15 a.m.3 views

CVE-2024-3400

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the...

10CVSS6.1AI score0.99999EPSS
Exploits43References5
bdu_fstec
bdu_fstec
added 2023/12/06 12:0 a.m.8 views

The vulnerability of the Tyk application programming interface, related to the lack of security measures for SQL query structures, allows attackers to execute arbitrary SQL queries.

The vulnerability of the Tyk cloud firewall’s application programming interface is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

10CVSS8.1AI score0.01247EPSS
Exploits2References3Affected Software1
bdu_fstec
bdu_fstec
added 2023/11/29 12:0 a.m.6 views

The vulnerability of the Tyk application programming interface, related to the lack of security measures for SQL query structures, allows attackers to execute arbitrary SQL queries.

The vulnerability of the Tyk cloud firewall’s application programming interface is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

10CVSS8.1AI score0.01257EPSS
Exploits2References3Affected Software1
exploitdb
exploitdb
added 2019/08/12 12:0 a.m.501 views

Cisco Adaptive Security Appliance - Path Traversal (Metasploit)

require 'msf/core' class MetasploitModule "Cisco Adaptive Security Appliance - Path Traversal", 'Description' = %q Cisco Adaptive Security Appliance - Path Traversal CVE-2018-0296 A security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without...

7.5CVSS7.9AI score0.99903EPSS
Exploits18
Rows per page
Query Builder