53 matches found
Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS software enable an authenticated administrator t...
CVE-2026-0229
A denial-of-service DoS vulnerability in the Advanced DNS Security ADNS feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance...
CVE-2026-0229
CVE-2026-0229 is a DoS vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS software. It allows an unauthenticated attacker to reboot the firewall by sending a maliciously crafted packet; repeated reboot attempts can drive the device into maintenance mode. Cloud ...
PT-2026-7632
Name of the Vulnerable Software and Affected Versions Palo Alto Networks PAN-OS versions affected versions not specified Description A denial-of-service DoS condition exists in the Advanced DNS Security ADNS feature of Palo Alto Networks PAN-OS software. An unauthenticated attacker can exploit th...
EUVD-2025-175383
A denial-of-service DoS vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. This issue is...
CVE-2025-4619
CVE-2025-4619 describes a DoS in Palo Alto Networks PAN-OS where an unauthenticated attacker can reboot a firewall by sending a specially crafted dataplane packet, with repeated attempts causing maintenance mode. Affected products include PAN-OS running on PA-Series firewalls, VM-Series firewalls...
EUVD-2025-33583
An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. The security risk posed by this issue is significantly minimized when CLI...
CVE-2025-4614
An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security risk posed by this issue...
CVE-2025-4615 PAN-OS: Improper Neutralization of Input in the Management Web Interface
An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. The security risk posed by this issue is significantly minimized when CLI...
CVE-2025-4614 PAN-OS: Session Token Disclosure Vulnerability
An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security risk posed by this issue...
Palo Alto Networks PAN-OS 10.2.x < 10.2.17 / 11.1.x < 11.1.12 / 11.2.x < 11.2.8 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 10.2.x prior to 10.2.17, 11.1.x prior to 11.1.12, or 11.2.x prior to 11.2.8. It is, therefore, affected by a vulnerability. An information disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated...
CVE-2025-4230
A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI. The security risk posed by this...
CVE-2025-4231
A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must have network access to the management web interface and successfully authenticate to exploit this issue. Cloud NGFW and Prisma Access...
CVE-2025-0130
A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this...
Radware Cloud Web Application Firewall 安全漏洞
Radware Cloud Web Application Firewall is a cloud-based web application firewall from Radware Israel. A security vulnerability exists in versions of Radware Cloud Web Application Firewall prior to 2025-05-07, which stems from the addition of special characters to a request may bypass firewall...
Managed Network Cloud Firewall: Comprehensive Protection for Network Attack Surface
...
CVE-2024-3400
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the...
The vulnerability of the Tyk application programming interface, related to the lack of security measures for SQL query structures, allows attackers to execute arbitrary SQL queries.
The vulnerability of the Tyk cloud firewall’s application programming interface is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...
The vulnerability of the Tyk application programming interface, related to the lack of security measures for SQL query structures, allows attackers to execute arbitrary SQL queries.
The vulnerability of the Tyk cloud firewall’s application programming interface is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...
Cisco Adaptive Security Appliance - Path Traversal (Metasploit)
require 'msf/core' class MetasploitModule "Cisco Adaptive Security Appliance - Path Traversal", 'Description' = %q Cisco Adaptive Security Appliance - Path Traversal CVE-2018-0296 A security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without...