Palo Alto Networks Popular Vulnerabilities

Popular vulnerabilities are those that have been exploited or trending within the past 365 days.

Palo Alto Networks PAN-OS Command Injection Vulnerability

CVE-2024-3400
Palo Alto NetworksPan-os๐Ÿ”ฅ๐Ÿ˜„๐Ÿ‘พ๐ŸŸฃ10CRITICAL

Expedition Admin Account Takeover Risk Due to Missing Authentication

CVE-2024-5910
Palo Alto NetworksExpedition๐Ÿ”ฅ๐Ÿ˜„๐Ÿ‘พ๐ŸŸฃ9.8CRITICAL

Authentication Bypass Vulnerability Affects Palo Alto Networks PAN-OS Software

CVE-2024-0012
Palo Alto NetworksCloud Ngfw๐Ÿ”ฅ๐Ÿ˜„๐Ÿ‘พ๐ŸŸฃ9.8CRITICAL

OS Command Injection Vulnerability in Palo Alto Networks Expedition

CVE-2024-9464
Palo Alto NetworksExpedition๐Ÿ˜„๐Ÿ‘พ6.5MEDIUM

Insufficient Certificate Validation Vulnerability Affects GlobalProtect App for Android

CVE-2024-5921
Palo Alto NetworksGlobalprotect App๐Ÿ‘พ

Palo Alto Networks PAN-OS Privilege Escalation Vulnerability Affects Firewall

CVE-2024-9474
Palo Alto NetworksCloud Ngfw๐Ÿ‘พ๐ŸŸฃ7.2HIGH

Unathorized Access to GlobalProtect Service through Null Pointer Dereference Vulnerability

CVE-2024-2550
Palo Alto NetworksCloud Ngfw๐Ÿ‘พ

Palo Alto Networks PAN-OS Software Vulnerable to Cross-Site Scripting Attacks

CVE-2024-5920
Palo Alto NetworksCloud Ngfw๐Ÿ‘พ

Unauthenticated Server-Side Request Forgery Attack on PAN-OS Software Allows Proxy Access to Internal Network Resources

CVE-2024-5917
Palo Alto NetworksCloud Ngfw๐Ÿ‘พ

Palo Alto Networks PAN-OS Command Injection Vulnerability Allows Administrator Deletions

CVE-2024-2552
Palo Alto NetworksCloud Ngfw๐Ÿ‘พ

Improper Certificate Validation Vulnerability in Palo Alto Networks PAN-OS Software

CVE-2024-5918
Palo Alto NetworksCloud Ngfw๐Ÿ‘พ

Blind XML External Entities Injection Vulnerability Allows File Exfiltration

CVE-2024-5919
Palo Alto NetworksCloud Ngfw๐Ÿ‘พ

Unauthenticated Null Pointer Dereference Vulnerability Leads to DoS Condition and Maintenance Mode

CVE-2024-2551
Palo Alto NetworksCloud Ngfw๐Ÿ‘พ

Palo Alto Networks PAN-OS Software Under Denial of Service Attack via Null Pointer Dereference

CVE-2024-9472
Palo Alto NetworksCloud Ngfw๐Ÿ‘พ

Privilege Escalation Vulnerability in Palo Alto Networks GlobalProtect for Windows

CVE-2024-9473
Palo Alto NetworksGlobalprotect App๐Ÿ‘พ7.8HIGH

Palo Alto Networks Expedition OS Command Injection Vulnerability

CVE-2024-9463
Palo Alto NetworksExpedition๐Ÿ‘พ๐ŸŸฃ7.5HIGH

UnAuthenticated SQL Injection Vulnerability in Palo Alto Networks Expedition

CVE-2024-9465
Palo Alto NetworksExpedition๐Ÿ‘พ๐ŸŸฃ9.1CRITICAL

Sensitive Information Vulnerability in Palo Alto Networks Expedition

CVE-2024-9466
Palo Alto NetworksExpedition๐Ÿ‘พ6.5MEDIUM

Expedition: Reflected Cross-Site Scripting Vulnerability Leads to Expedition Session Disclosure

CVE-2024-9467
Palo Alto NetworksExpedition๐Ÿ‘พ6.1MEDIUM

PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet

CVE-2024-9468
Palo Alto NetworksPan-os๐Ÿ‘พ

Cortex XDR Agent: Local Windows User Can Disable the Agent

CVE-2024-9469
Palo Alto NetworksCortex Xdr Agent๐Ÿ‘พ5.5MEDIUM

Cortex XSOAR: Information Disclosure Vulnerability

CVE-2024-9470
Palo Alto NetworksCortex Xsoar๐Ÿ‘พ

PAN-OS: Privilege Escalation (PE) Vulnerability in XML API

CVE-2024-9471
Palo Alto NetworksPan-os๐Ÿ‘พ4.7MEDIUM

Palo Alto Networks GlobalProtect Vulnerability: Impersonation of Authenticated Users

CVE-2024-8691
Palo Alto NetworksPan-os๐Ÿ‘พ7.1HIGH

Palo Alto Networks Cortex XDR Agent Vulnerability Allows Malware Disablement

CVE-2024-8690
Palo Alto NetworksCortex Xdr Agent๐Ÿ‘พ4.4MEDIUM

Cleartext Exposure of Configured ActiveMQ Credentials in Log Bundles

CVE-2024-8689
Palo Alto NetworksActiveMQ Content Pack๐Ÿ‘พ

Improper Neutralization of Matching Symbols Vulnerability in Palo Alto Networks PAN-OS CLI

CVE-2024-8688
Palo Alto NetworksPan-os๐Ÿ‘พ4.4MEDIUM

GlobalProtect Information Exposure Vulnerability

CVE-2024-8687
Palo Alto NetworksPan-os๐Ÿ‘พ7.1HIGH

Palo Alto Networks PAN-OS Command Injection Vulnerability Allows Rooted Access

CVE-2024-8686
Palo Alto NetworksPan-os๐Ÿ‘พ7.2HIGH

Palo Alto Networks GlobalProtect App Privilege Escalation Vulnerability Allows Local User Elevated Access

CVE-2024-5915
Palo Alto NetworksGlobalprotect App๐Ÿ‘พ7.8HIGH

Attackers can elevate privileges by tampering with physical file system

CVE-2024-5913
Palo Alto NetworksPan-os๐Ÿ‘พ6.1MEDIUM

Improper File Signature Check Could Bypass Executable Blocking

CVE-2024-5912
Palo Alto NetworksCortex Xdr Agent๐Ÿ‘พ

Panorama vulnerability allows unauthorized access and system disruption

CVE-2024-5911
Palo Alto NetworksPan-os๐Ÿ‘พ

Difficult-to-exploit privilege escalation vulnerability in Palo Alto Networks Cortex XDR agent on Windows devices

CVE-2024-5907
Palo Alto NetworksCortex Xdr Agent๐Ÿ‘พ7HIGH

Encrypted User Credentials Exposed in Application Logs

CVE-2024-5908
Palo Alto NetworksGlobalprotect App๐Ÿ‘พ7.5HIGH

Incorrect String Comparison Vulnerability Affects Predefined Decryption Exclusions in Palo Alto Networks PAN-OS Software

CVE-2024-3386
Palo Alto NetworksPan-os๐Ÿ‘พ5.3MEDIUM

Palo Alto Networks PAN-OS Vulnerability: Modification of User-ID Groups

CVE-2024-3383
Palo Alto NetworksPan-os๐Ÿ‘พ7.4HIGH

Improper Authorization Vulnerability in Palo Alto Networks Panorama Software

CVE-2024-2433
Palo Alto NetworksPan-os๐Ÿ‘พ4.3MEDIUM

Non-Privileged User Disables GlobalProtect App in Configurations Allowing Passcode Disablement

CVE-2024-2431
Palo Alto NetworksGlobalprotect App๐Ÿ‘พ5.5MEDIUM

Palo Alto Networks PAN-OS Software Vulnerable to Reflected Cross-Site Scripting Attacks

CVE-2024-0011
Palo Alto NetworksPan-os๐Ÿ‘พ6.1MEDIUM

Palo Alto Networks PAN-OS Portal Feature Vulnerable to Reflected Cross-Site Scripting Attacks

CVE-2024-0010
Palo Alto NetworksPan-os๐Ÿ‘พ6.1MEDIUM

Improper Verification Vulnerability in GlobalProtect Gateway Could Enable Unauthorized Access

CVE-2024-0009
Palo Alto NetworksPan-os๐Ÿ‘พ6.3MEDIUM

Unauthorized Access Vulnerability in PAN-OS Software

CVE-2024-0008
Palo Alto NetworksPan-os๐Ÿ‘พ8.8HIGH

Palo Alto Networks PAN-OS Software Vulnerable to Cross-Site Scripting Attacks

CVE-2024-0007
Palo Alto NetworksPan-os๐Ÿ‘พ4.8MEDIUM