VYPR

Vendor CVEs

Paloaltonetworks

All CVEs

417 total · sorted by risk
  • CVE-2025-2184 · Med · Aug 13, 2025
    risk 0.34 · cvss n/a · epss 0.00

    A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations. The…

  • CVE-2025-2183 · Med · Aug 13, 2025
    risk 0.34 · cvss n/a · epss 0.00

    An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install…

  • CVE-2025-0136 · Med · May 14, 2025
    risk 0.34 · cvss n/a · epss 0.00

    Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls (PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series) leads to unencrypted data transfer to devices that are connected to the PAN-OS firewall through IPSec. This…

  • CVE-2025-0113 · Med · Feb 12, 2025
    risk 0.34 · cvss n/a · epss 0.00

    A problem with the network isolation mechanism of the Palo Alto Networks Cortex XDR Broker VM allows attackers unauthorized access to Docker containers from the host network used by Broker VM. This may allow access to read files sent for analysis and logs transmitted by the…

  • CVE-2024-9470 · Med · Oct 9, 2024
    risk 0.34 · cvss n/a · epss 0.00

    A vulnerability in Cortex XSOAR allows the disclosure of incident data to users who do not have the privilege to view the data.

  • CVE-2026-0259 · Med · May 13, 2026
    risk 0.33 · cvss n/a · epss 0.00

    An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS…

  • CVE-2025-4233 · Med · Jun 12, 2025
    risk 0.33 · cvss n/a · epss 0.00

    An insufficient implementation of cache vulnerability in Palo Alto Networks Prisma® Access Browser enables users to bypass certain data control policies.

  • CVE-2025-0122 · Med · Apr 11, 2025
    risk 0.33 · cvss n/a · epss 0.00

    A denial-of-service (DoS) vulnerability in Palo Alto Networks Prisma® SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to disrupt the packet processing capabilities of the device by sending a burst of crafted packets to…

  • CVE-2026-0243 · Med · May 13, 2026
    risk 0.32 · cvss n/a · epss 0.00

    A denial of service (DoS) vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet.

  • CVE-2026-0249 · Med · May 13, 2026
    risk 0.32 · cvss n/a · epss 0.00

    Multiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect™ app enable an attacker to intercept encrypted communications and potentially compromise the endpoint. This can enable a local non-administrative operating system user or an…

  • CVE-2026-0270 · Med · Jun 10, 2026
    risk 0.31 · cvss n/a · epss 0.00

    A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipulate network response traffic via a man-in-the-middle (MITM) attack, to write…

  • CVE-2026-0258 · Med · May 13, 2026
    risk 0.31 · cvss n/a · epss 0.00

    A server-side request forgery (SSRF) vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker to cause the firewall to send network requests to unintended destinations or cause a denial of service (DoS) condition. …

  • CVE-2025-2180 · Med · Aug 13, 2025
    risk 0.31 · cvss n/a · epss 0.00

    An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma® Cloud allows an authenticated user to execute arbitrary code as a non-administrative user by scanning a malicious Terraform file when using Checkov in Prisma® Cloud. This issue impacts Checkov…

  • CVE-2025-0137 · Med · May 14, 2025
    risk 0.31 · cvss n/a · epss 0.00

    An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator. The attacker must have…

  • CVE-2026-0269 · Med · Jun 10, 2026
    risk 0.30 · cvss n/a · epss 0.00

    A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot cause the firewall to enter…

  • CVE-2025-4228 · Med · Jun 13, 2025
    risk 0.30 · cvss n/a · epss 0.00

    An incorrect privilege assignment vulnerability in Palo Alto Networks Cortex® XDR Broker VM allows an authenticated administrative user to execute certain files available within the Broker VM and escalate their privileges to root.

  • CVE-2026-0268 · Med · Jun 10, 2026
    risk 0.29 · cvss n/a · epss 0.00

    A security control bypass vulnerability in Prisma Access Agent for Linux allows a local attacker to route network traffic outside the VPN tunnel. This does not impact Prisma Access Agent on Windows, macOS, iOS, Android, or ChromeOS.

  • CVE-2026-0267 · Med · Jun 10, 2026
    risk 0.29 · cvss n/a · epss 0.00

    An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the GlobalProtect app. After the passcode is known, the user can perform these actions…

  • CVE-2026-0256 · Med · May 13, 2026
    risk 0.29 · cvss n/a · epss 0.00

    A stored cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and…

  • CVE-2025-4618 · Med · Nov 14, 2025
    risk 0.29 · cvss n/a · epss 0.00

    A sensitive information disclosure vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to retrieve sensitive data from Prisma Browser. Browser self-protection should be enabled to mitigate this issue.

  • CVE-2024-9474 · KEV · Nov 18, 2024
    risk 0.29 · cvss n/a · epss 0.95

    A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

  • CVE-2024-0012 · KEV · Nov 18, 2024
    risk 0.29 · cvss n/a · epss 1.00

    An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other…

  • CVE-2024-3400 · KEV · Apr 12, 2024
    risk 0.29 · cvss n/a · epss 1.00

    A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root…

  • CVE-2018-10140 · Med · Aug 16, 2018
    risk 0.28 · cvss 4.3 · epss 0.02

    The PAN-OS Management Web Interface in Palo Alto Networks PAN-OS 8.1.2 and earlier may allow an authenticated user to shut down all management sessions, resulting in all logged-in users being redirected to the login page. PAN-OS 6.1, PAN-OS 7.1 and PAN-OS 8.0 are NOT affected.

  • CVE-2017-7217 · Med · Apr 14, 2017
    risk 0.28 · cvss 4.3 · epss 0.01

    The Management Web Interface in Palo Alto Networks PAN-OS before 7.0.14 and 7.1.x before 7.1.9 allows remote attackers to write to export files via unspecified parameters.

  • CVE-2026-0232 · Med · Apr 13, 2026
    risk 0.26 · cvss n/a · epss 0.00

    A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows allows a local Windows administrator to disable the agent. This issue may be leveraged by malware to perform malicious activity without detection.

  • CVE-2019-1579 · KEV · Jul 19, 2019
    risk 0.25 · cvss n/a · epss 0.39

    Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code.

  • CVE-2024-5910 · KEV · Jul 10, 2024
    risk 0.22 · cvss n/a · epss 0.92

    Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration…

  • CVE-2025-0108 · KEV · Feb 12, 2025
    risk 0.20 · cvss n/a · epss 0.98

    An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While…

  • CVE-2024-9465 · KEV · Oct 9, 2024
    risk 0.20 · cvss n/a · epss 1.00

    An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary…

  • CVE-2024-9463 · KEV · Oct 9, 2024
    risk 0.20 · cvss n/a · epss 0.98

    An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.

  • CVE-2020-2021 · KEV · Jun 29, 2020
    risk 0.20 · cvss n/a · epss 0.04

    When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access…

  • CVE-2025-0133 · Low · May 14, 2025
    risk 0.18 · cvss n/a · epss 0.44

    A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's browser when they click on a…

  • CVE-2024-3393 · KEV · Dec 27, 2024
    risk 0.18 · cvss n/a · epss 0.27

    A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will…

  • CVE-2025-4234 · Low · Sep 12, 2025
    risk 0.16 · cvss n/a · epss 0.00

    A problem with the Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack can result in exposure of user credentials in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This…

  • CVE-2025-22272 · Low · Feb 28, 2025
    risk 0.14 · cvss n/a · epss 0.00

    In the "/EPMUI/ModalDlgHandler.ashx?value=showReadonlyDlg" endpoint, it is possible to inject code in the "modalDlgMsgInternal" parameter via POST, which is then executed in the browser. The risk of exploiting this vulnerability is reduced due to the required additional bypassing the…

  • CVE-2026-0233 · Low · Apr 13, 2026
    risk 0.13 · cvss n/a · epss 0.00

    A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker with adjacent network access to execute arbitrary code with NT AUTHORITY\SYSTEM privileges.

  • CVE-2025-0138 · Low · May 14, 2025
    risk 0.13 · cvss n/a · epss 0.00

    Web sessions in the web interface of Palo Alto Networks Prisma® Cloud Compute Edition do not expire when users are deleted, which makes Prisma Cloud Compute Edition susceptible to unauthorized access. Compute in Prisma Cloud Enterprise Edition is not affected by this issue.

  • CVE-2025-22274 · Low · Feb 28, 2025
    risk 0.13 · cvss n/a · epss 0.00

    It is possible to inject HTML code into the page content using the "content" field in the "Application definition" page. This issue affects CyberArk Endpoint Privilege Manager in SaaS version 24.7.1. The status of other versions is unknown. After multiple attempts to contact…

  • CVE-2025-0111 · KEV · Feb 12, 2025
    risk 0.12 · cvss n/a · epss 0.02

    An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the…

  • CVE-2022-0028 · KEV · Aug 10, 2022
    risk 0.12 · cvss n/a · epss 0.02

    A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series…

  • CVE-2020-2038 · Sep 9, 2020
    risk 0.10 · cvss n/a · epss 0.86

    An OS Command Injection vulnerability in the PAN-OS management interface allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0 versions earlier than 9.0.10; PAN-OS 9.1 versions earlier than 9.1.4; PAN-OS…

  • CVE-2026-0228 · Low · Feb 11, 2026
    risk 0.08 · cvss n/a · epss 0.00

    An improper certificate validation vulnerability in PAN-OS allows users to connect Terminal Server Agents on Windows to PAN-OS using expired certificates even if the PAN-OS configuration would not normally permit them to do so.

  • CVE-2026-0266 · Low · Jun 10, 2026
    risk 0.07 · cvss n/a · epss 0.00

    A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on…

  • CVE-2026-0238 · Low · May 13, 2026
    risk 0.07 · cvss n/a · epss 0.00

    A vulnerability in Palo Alto Networks Broker VM allows an authenticated administrator to inject arbitrary content into certain Broker VM fields.

  • CVE-2025-4617 · Low · Nov 14, 2025
    risk 0.07 · cvss n/a · epss 0.00

    An insufficient policy enforcement vulnerability in Palo Alto Networks Prisma® Browser on Windows allows a locally authenticated non-admin user to bypass the screenshot control feature of the browser. Browser self-protection should be enabled to mitigate this issue.

  • CVE-2025-4616 · Low · Nov 14, 2025
    risk 0.07 · cvss n/a · epss 0.00

    An insufficient validation of an untrusted input vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to revert the browser’s security controls.

  • CVE-2025-0107 · Jan 11, 2025
    risk 0.07 · cvss n/a · epss 0.78

    An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API…

  • CVE-2024-9464 · Oct 9, 2024
    risk 0.07 · cvss n/a · epss 0.82

    An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.

  • CVE-2020-2036 · Sep 9, 2020
    risk 0.06 · cvss n/a · epss 0.24

    A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web…

Page 3 of 9