Lucene search
+L

98 matches found

nuclei
nuclei
added yesterday48 views

Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting

Palo Alto Networks PAN-OS before 8.1.4 GlobalProtect Portal Login page allows an unauthenticated attacker to inject arbitrary JavaScript or HTML, making it vulnerable to cross-site scripting. id: CVE-2018-10141 info: name: Palo Alto Networks PAN-OS GlobalProtect 8.1.4 - Cross-Site Scripting autho...

6.1CVSS6.4AI score0.03883EPSS
Exploits0References4
cvelist
cvelist
added 2026/07/09 7:8 p.m.37 views

CVE-2026-0279 PAN-OS: Multiple Cross-Site Scripting (XSS) Vulnerabilities

Multiple cross site scripting vulnerabilities in the User-ID™ Authentication Portal aka Captive Portal service, GlobalProtect™ gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OS® software enables a malicious unauthenticated user to store or execute malicious JavaScript payloa...

5.3CVSS0.0061EPSS
Exploits0References1
cve
cve
added 2026/07/09 7:5 p.m.12 views

CVE-2026-0280

CVE-2026-0280 concerns an IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS that allows an unauthenticated attacker to bypass firewall policy enforcement, enabling blocked traffic to reach protected services. Connected sources confirm PAN-OS impacts, with Cloud NG...

7.2CVSS6AI score0.00303EPSS
Exploits0References1Affected Software1
euvd
euvd
added 2026/07/09 7:2 p.m.7 views

EUVD-2026-42679

A file deletion vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory. The security risk posed by this issue is minimized by restricting access to the management web...

6.9CVSS6AI score0.00288EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/07/09 7:1 p.m.7 views

CVE-2026-0283

An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not...

7.8CVSS6AI score0.00338EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/07/09 6:56 p.m.18 views

CVE-2026-0286

Summary: CVE-2026-0286 is a command-injection vulnerability in the PAN-OS management plane. An authenticated administrator can execute arbitrary OS commands as root, via the CLI. The flaw affects PAN-OS on PA-Series and VM-Series firewalls and Panorama (virtual and M-Series); Cloud NGFW and Prism...

8.5CVSS6.2AI score0.014EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.9 views

PT-2026-56911

Name of the Vulnerable Software and Affected Versions PAN-OS affected versions not specified Description An issue in the management web interface of PAN-OS software, affecting PA-Series and VM-Series firewalls as well as Panorama virtual and M-Series, allows an unauthenticated attacker with netwo...

6.9CVSS6.6AI score0.00288EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.22 views

PT-2026-56575

Name of the Vulnerable Software and Affected Versions PAN-OS versions 12.1 PAN-OS versions 11.2 PAN-OS versions 11.1 PAN-OS versions 10.2 Prisma Access affected versions not specified Description Multiple buffer overflow issues exist in the User-ID Terminal Server Agent TSA component of PAN-OS an...

10CVSS7.3AI score0.00557EPSS
Exploits0References13
nessus
nessus
added 2026/07/08 12:0 a.m.7 views

Palo Alto Networks PAN-OS 11.1.x < 11.1.16 / 11.2.x < 11.2.13 / 12.1.x < 12.1.8 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 11.1.x prior to 11.1.16, 11.2.x prior to 11.2.13, or 12.1.x prior to 12.1.8. It is, therefore, affected by a vulnerability. Multiple cross site scripting vulnerabilities in the User-ID Authentication Portal aka Captive Portal...

6.1CVSS6.5AI score0.0061EPSS
Exploits0References2
nessus
nessus
added 2026/07/08 12:0 a.m.7 views

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. An XML injection vulnerability in the Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software enables ...

9.9CVSS7AI score0.00448EPSS
Exploits0References2
nuclei
nuclei
added 2026/07/07 4:50 p.m.56 views

Palo Alto Network PAN-OS - Remote Code Execution

Palo Alto Network PAN-OS and Panorama before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface. id: CVE-2017-15944 info: name: Palo Alto Network PAN-OS - Remote Code Execution...

9.8CVSS7.7AI score0.9834EPSS
Exploits13References5
nuclei
nuclei
added 2026/06/25 5:45 a.m.198 views

PAN-OS Management Web Interface - Command Injection

A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability. id: CVE-2024-9474 info...

7.2CVSS7.4AI score0.94766EPSS
Exploits14
nvd
nvd
added 2026/06/10 10:16 p.m.15 views

CVE-2026-0269

A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. Panorama,...

6.9CVSS0.00224EPSS
Exploits0References2
cve
cve
added 2026/06/10 9:1 p.m.33 views

CVE-2026-0273

CVE-2026-0273 is a command injection vulnerability in Palo Alto Networks PAN-OS software that allows an authenticated administrator to bypass system restrictions and execute arbitrary commands as root. The issue affects PAN-OS on PA-Series and VM-Series firewalls and Panorama , with access requir...

8.6CVSS5.7AI score0.01373EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/06/10 8:54 p.m.35 views

CVE-2026-0269

CVE-2026-0269 describes a memory corruption vulnerability in the tunnel traffic processing path of Palo Alto Networks PAN-OS software. An authenticated user can trigger system reboots by sending a maliciously crafted packet, and repeated attempts may cause the firewall to enter maintenance mode. ...

6.9CVSS5.5AI score0.00224EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/10 8:30 p.m.43 views

CVE-2026-0266 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface

A cross-site scripting XSS vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama virtual and...

4.8CVSS0.00129EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/10 12:0 a.m.21 views

PT-2026-48485

Name of the Vulnerable Software and Affected Versions PAN-OS affected versions not specified Description A cross-site scripting XSS issue in the web interface of PAN-OS software on PA-Series and VM-Series firewalls, as well as Panorama virtual and M-Series, allows an authenticated administrator t...

4.8CVSS6.3AI score0.00129EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/05/31 12:0 a.m.26 views

PT-2026-45209

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description An out-of-bounds read can occur in the iavb parse key data function within avb rsa.c due to improper input validation. This issue allows for local information...

3.3CVSS5.5AI score0.00069EPSS
Exploits0References6
githubexploit
githubexploit
added 2026/05/21 8:39 p.m.110 views

Exploit for Out-of-bounds Write in Paloaltonetworks Pan-Os

No d...

9.8CVSS6AI score0.32074EPSS
Exploits6
nvd
nvd
added 2026/05/13 7:17 p.m.14 views

CVE-2026-0261

Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security ri...

8.6CVSS0.01403EPSS
Exploits0References2
Rows per page
Query Builder