EUVD-2021-26414

Malware in sbrugna...

EUVD-2023-12112

Malicious code in bioql PyPI...

EUVD-2024-47051

Malicious code in bioql PyPI...

EUVD-2025-18245

Malicious code in bioql PyPI...

EUVD-2025-1508

Malicious code in bioql PyPI...

CVE-2025-4229

An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS® software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. Cloud NGFW...

CVE-2025-0127

A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. This issue is only applicable to PAN-OS VM-Series. This issue does not affect firewalls that are already deploye...

CVE-2025-0125 PAN-OS: Improper Neutralization of Input in the Management Web Interface

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator. The attacker must have network access to the...

CVE-2025-0116

A Denial of Service DoS vulnerability in Palo Alto Networks PAN-OS software causes the firewall to unexpectedly reboot when processing a specially crafted LLDP frame sent by an unauthenticated adjacent attacker. Repeated attempts to initiate this condition causes the firewall to enter maintenance...

CVE-2025-0114 PAN-OS: Denial of Service (DoS) in GlobalProtect

A Denial of Service DoS vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect...

CVE-2025-0111

An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by...

CVE-2024-3393

A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall t...

CVE-2024-5917

A server-side request forgery in PAN-OS software enables an authenticated attacker with administrative privileges to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible...

CVE-2024-5918

An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an authorized user with a specially crafted client certificate to connect to an impacted GlobalProtect portal or GlobalProtect gateway as a different legitimate user. This attack is possible only if you...

CVE-2024-2552 PAN-OS: Arbitrary File Delete Vulnerability in the Command Line Interface (CLI)

A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall...

PAN-OS: Server-Side Request Forgery in WildFire

A server-side request forgery in PAN-OS software enables an authenticated attacker to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible. Work around: Recommended mitigation—The vast majority of firewalls already...

CVE-2024-3386

An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from...

CVE-2024-3383

CVE-2024-3383 affects Palo Alto Networks PAN-OS where data from Cloud Identity Engine (CIE) agents can modify User-ID groups. Affected are PAN-OS versions reported by the Nessus plugin: 10.1.x before 10.1.11, 10.2.x before 10.2.5, and 11.0.x before 11.0.3. Impact: user access may be incorrectly g...

CVE-2024-3382

CVE-2024-3382 describes a memory leak in Palo Alto Networks PAN-OS that affects PA-5400 Series devices with SSL Forward Proxy enabled, enabling a remote attacker to send crafted packets that exhaust the firewall’s processing capacity and cause a DoS. The issue is tied to PAN-OS SSL decryption/ Fo...

CVE-2024-0010

A reflected cross-site scripting XSS vulnerability in the GlobalProtect portal feature of Palo Alto Networks PAN-OS software enables execution of malicious JavaScript in the context of a user’s browser if a user clicks on a malicious link, allowing phishing attacks that could lead to credential...