Pan OS
CVEs (240)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-0266 | | Low | 0.07 | — | 0.00 | | Jun 10, 2026 | A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on… |
| CVE-2025-0107 | | | 0.07 | — | 0.78 | | Jan 11, 2025 | An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API… |
| CVE-2020-2036 | | | 0.06 | — | 0.24 | | Sep 9, 2020 | A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web… |
| CVE-2020-2034 | | | 0.06 | — | 0.07 | | Jul 8, 2020 | An OS command injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network-based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue cannot be… |
| CVE-2021-3064 | | | 0.05 | — | 0.19 | | Nov 10, 2021 | A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have… |
| CVE-2021-3060 | | | 0.04 | — | 0.34 | | Nov 10, 2021 | An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The… |
| CVE-2018-10141 | | | 0.04 | — | 0.04 | | Oct 12, 2018 | GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before 8.1.4 allows an unauthenticated attacker to inject arbitrary JavaScript or HTML. |
| CVE-2020-2039 | | | 0.01 | — | 0.46 | | Sep 9, 2020 | An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. It is possible for an attacker to… |
| CVE-2026-0227 | | | 0.00 | — | 0.01 | | Jan 15, 2026 | A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall. Repeated attempts to trigger this issue result in the firewall entering maintenance mode. |
| CVE-2025-4614 | | | 0.00 | — | 0.00 | | Oct 9, 2025 | An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security… |
| CVE-2025-4231 | | | 0.00 | — | 0.01 | | Jun 12, 2025 | A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must have network access to the management web interface and successfully authenticate to exploit this issue. Cloud… |
| CVE-2025-0124 | | | 0.00 | — | 0.00 | | Apr 11, 2025 | An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS® software enables an authenticated attacker with network access to the management web interface to delete certain files as the "nobody" user; this includes limited logs and configuration files but… |
| CVE-2025-0114 | | | 0.00 | — | 0.00 | | Mar 12, 2025 | A denial of service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both… |
| CVE-2025-0106 | | | 0.00 | — | 0.00 | | Jan 11, 2025 | A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem. |
| CVE-2025-0105 | | | 0.00 | — | 0.13 | | Jan 11, 2025 | An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem. |
| CVE-2025-0104 | | | 0.00 | — | 0.00 | | Jan 11, 2025 | A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user's browser if that authenticated user clicks a malicious link that allows phishing… |
| CVE-2025-0103 | | | 0.00 | — | 0.01 | | Jan 11, 2025 | An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read… |
| CVE-2024-2550 | | | 0.00 | — | 0.01 | | Nov 14, 2024 | A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS)… |
| CVE-2024-5920 | | | 0.00 | — | 0.00 | | Nov 14, 2024 | A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write Panorama administrator to push a specially crafted configuration to a PAN-OS node. This enables impersonation of a legitimate PAN-OS administrator who can perform… |
| CVE-2024-5917 | | | 0.00 | — | 0.00 | | Nov 14, 2024 | A server-side request forgery in PAN-OS software enables an authenticated attacker with administrative privileges to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible. |
Page 5 of 12