Lucene search
K

858 matches found

Nuclei
Nuclei
added 2 hours ago47 views

Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting

Palo Alto Networks PAN-OS before 8.1.4 GlobalProtect Portal Login page allows an unauthenticated attacker to inject arbitrary JavaScript or HTML, making it vulnerable to cross-site scripting. id: CVE-2018-10141 info: name: Palo Alto Networks PAN-OS GlobalProtect 8.1.4 - Cross-Site Scripting autho...

6.1CVSS6.5AI score0.03883EPSS
Exploits0References4
NVD
NVD
added yesterday6 views

CVE-2026-0279

Multiple cross site scripting vulnerabilities in the User-ID™ Authentication Portal aka Captive Portal service, GlobalProtect™ gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OS® software enables a malicious unauthenticated user to store or execute malicious JavaScript payloa...

5.3CVSS
Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-42682

Multiple cross site scripting vulnerabilities in the User-ID™ Authentication Portal aka Captive Portal service, GlobalProtect™ gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OS® software enables a malicious unauthenticated user to store or execute malicious JavaScript payloa...

5.3CVSS5.4AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-0279

Multiple cross site scripting vulnerabilities in the User-ID™ Authentication Portal aka Captive Portal service, GlobalProtect™ gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OS® software enables a malicious unauthenticated user to store or execute malicious JavaScript payloa...

5.3CVSS5.4AI score
Exploits0References2Affected Software2
Tenable Nessus
Tenable Nessus
added 2 days ago4 views

Palo Alto Networks PAN-OS 11.1.x < 11.1.16 / 11.2.x < 11.2.13 / 12.1.x < 12.1.8 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 11.1.x prior to 11.1.16, 11.2.x prior to 11.2.13, or 12.1.x prior to 12.1.8. It is, therefore, affected by a vulnerability. Multiple cross site scripting vulnerabilities in the User-ID Authentication Portal aka Captive Portal...

5.3CVSS5.5AI score
Exploits0References2
Nuclei
Nuclei
added 3 days ago55 views

Palo Alto Network PAN-OS - Remote Code Execution

Palo Alto Network PAN-OS and Panorama before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface. id: CVE-2017-15944 info: name: Palo Alto Network PAN-OS - Remote Code Execution...

9.8CVSS7.7AI score0.9834EPSS
Exploits13References5
Nuclei
Nuclei
added last week176 views

PAN-OS Management Web Interface - Authentication Bypass

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege...

9.8CVSS7.3AI score0.99698EPSS
Exploits18References3
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.757 views

GlobalProtect - OS Command Injection

A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.Cloud NGFW, Panorama...

10CVSS9.2AI score0.99999EPSS
Exploits43References5
The Hacker News
The Hacker News
added 2026/06/15 6:17 a.m.21 views

Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw

Palo Alto Networks has revealed that it has observed "active exploitation" of a recently disclosed PAN-OS vulnerability by an unknown threat actor to obtain unauthorized access to GlobalProtect portals. The vulnerability in question is CVE-2026-0257 CVSS score: 7.8, an authentication bypass flaw...

9.1CVSS6.1AI score0.86678EPSS
Exploits11
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.8 views

Palo Alto GlobalProtect TLS Posture Scanner

This Metasploit auxiliary module is structured as a defensive assessment tool focused on TLS posture analysis and service identification for GlobalProtect deployments...

5.3AI score
Exploits0
Packet Storm
Packet Storm
added 2026/06/12 12:0 a.m.75 views

📄 Palo Alto GlobalProtect Authentication Bypass

This Metasploit module exploits an authentication bypass vulnerability in Palo Alto Networks PAN-OS GlobalProtect portal and gateway components. The vulnerability stems from CWE-565: Reliance on Cookies without Validation and Integrity Checking. An unauthenticated remote attacker can forge...

9.1CVSS5.5AI score0.86678EPSS
Exploits11
EUVD
EUVD
added 2026/06/11 12:32 a.m.15 views

EUVD-2026-36135

An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the GlobalProtect app. After the passcode is known, the user can perform these actions even if the...

7.1CVSS6.7AI score0.00405EPSS
Exploits0References3
NVD
NVD
added 2026/06/10 10:16 p.m.11 views

CVE-2026-0267

An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the GlobalProtect app. After the passcode is known, the user can perform these actions even if the...

6.9CVSS0.00104EPSS
Exploits0References2
CVE
CVE
added 2026/06/10 8:31 p.m.23 views

CVE-2026-0267

CVE-2026-0267 affects the Palo Alto Networks GlobalProtect app on macOS. It is described as an information exposure vulnerability where a local user can learn the passcodes used to disable, disconnect, or uninstall the app, enabling those actions despite configuration restrictions. The provided d...

6.9CVSS5.5AI score0.00104EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/10 8:31 p.m.32 views

CVE-2026-0267 GlobalProtect App: Information Exposure Vulnerability on macOS

An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the GlobalProtect app. After the passcode is known, the user can perform these actions even if the...

6.9CVSS0.00104EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/10 8:31 p.m.9 views

CVE-2026-0267 GlobalProtect App: Information Exposure Vulnerability on macOS

An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the GlobalProtect app. After the passcode is known, the user can perform these actions even if the...

6.9CVSS5.5AI score0.00104EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/06/10 7:34 a.m.66 views

Exploit for Reliance on Cookies without Validation and Integrity Checking in Paloaltonetworks Pan-Os

🚨 CVE-2026-0257 – PAN-OS GlobalProtect Authentication Bypass...

9.1CVSS5.9AI score0.86678EPSS
Exploits11
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.13 views

PT-2026-48528

An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the GlobalProtect app. After the passcode is known, the user can perform these actions even if the...

6.9CVSS5.5AI score0.00104EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.22 views

Palo Alto Networks GlobalProtect app 日志信息泄露漏洞

The Palo Alto Networks GlobalProtect app is a network protection software developed by Palo Alto Networks. The GlobalProtect app for macOS has a vulnerability related to log information leakage. This vulnerability allows local users to obtain the configuration passwords necessary to disable,...

6.9CVSS5.3AI score0.00104EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/06/09 11:16 a.m.63 views

Exploit for Reliance on Cookies without Validation and Integrity Checking in Paloaltonetworks Pan-Os

CVE-2026-0257 - GlobalProtect portal Authentication Bypass...

9.1CVSS6AI score0.86678EPSS
Exploits11
Rows per page
Query Builder