Total
167 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-3655 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
The management web interface in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to execute arbitrary OS commands via an unspecified API call. | |||||
CVE-2015-4162 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 4.0 MEDIUM | N/A |
XML external entity (XXE) vulnerability in the management interface in PAN-OS before 5.0.16, 6.x before 6.0.8, and 6.1.x before 6.1.4 allows remote authenticated administrators to obtain sensitive information via crafted XML data. | |||||
CVE-2016-1712 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Palo Alto Networks PAN-OS before 5.0.19, 5.1.x before 5.1.12, 6.0.x before 6.0.14, 6.1.x before 6.1.12, and 7.0.x before 7.0.8 might allow local users to gain privileges by leveraging improper sanitization of the root_reboot local invocation. | |||||
CVE-2016-3654 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 9.0 HIGH | 7.2 HIGH |
The device management command line interface (CLI) in Palo Alto Networks PAN-OS before 5.0.18, 5.1.x before 5.1.11, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote authenticated administrators to execute arbitrary OS commands via an SSH command parameter. | |||||
CVE-2016-3657 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Buffer overflow in the GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to cause a denial of service (device crash) or possibly execute arbitrary code via an SSL VPN request. | |||||
CVE-2016-2219 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
Cross-site scripting (XSS) vulnerability in the management interface in Palo Alto Networks PAN-OS 7.x before 7.0.8 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2016-3656 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote attackers to cause a denial of service (service crash) via a crafted request. | |||||
CVE-2016-4971 | 4 Canonical, Gnu, Oracle and 1 more | 4 Ubuntu Linux, Wget, Solaris and 1 more | 2023-12-10 | 4.3 MEDIUM | 8.8 HIGH |
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. | |||||
CVE-2014-3764 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the web-based device management interface in Palo Alto Networks PAN-OS before 5.0.15, 5.1.x before 5.1.10, and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Ref ID 64563. | |||||
CVE-2012-6603 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 10.0 HIGH | N/A |
The web management UI in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to bypass authentication and obtain administrator privileges via unspecified vectors, aka Ref ID 37034. | |||||
CVE-2012-6593 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 10.0 HIGH | N/A |
Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 30088. | |||||
CVE-2012-6602 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 9.0 HIGH | N/A |
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 30122. | |||||
CVE-2012-6599 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 9.0 HIGH | N/A |
The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 and 4.1.x before 4.1.1 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 33476. | |||||
CVE-2012-6600 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 9.0 HIGH | N/A |
The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 34502. | |||||
CVE-2012-6601 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 10.0 HIGH | N/A |
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to execute arbitrary code via unspecified vectors, aka Ref ID 36983. | |||||
CVE-2012-6596 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 5.0 MEDIUM | N/A |
Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.3 stores cleartext LDAP bind passwords in authd.log, which allows context-dependent attackers to obtain sensitive information by reading this file, aka Ref ID 35493. | |||||
CVE-2012-6591 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 9.0 HIGH | N/A |
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 31116. | |||||
CVE-2012-6604 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 9.0 HIGH | N/A |
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 35249. | |||||
CVE-2012-6605 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 9.0 HIGH | N/A |
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 34896. | |||||
CVE-2012-6597 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 6.3 MEDIUM | N/A |
Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to cause a denial of service (management-server crash) by using the command-line interface for a crafted command, aka Ref ID 35254. |