Vulnerabilities > Paloaltonetworks
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-12 | CVE-2020-1999 | Improper Check for Unusual or Exceptional Conditions vulnerability in Paloaltonetworks Pan-Os A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for threats by sending data through specifically crafted TCP packets. | 5.3 |
| 2020-09-09 | CVE-2020-2044 | Information Exposure Through Log Files vulnerability in Paloaltonetworks Pan-Os An information exposure through log file vulnerability where an administrator's password or other sensitive information may be logged in cleartext while using the CLI in Palo Alto Networks PAN-OS software. | 3.3 |
| 2020-09-09 | CVE-2020-2043 | Information Exposure Through Log Files vulnerability in Paloaltonetworks Pan-Os An information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Palo Alto Networks PAN-OS software when the after-change-detail custom syslog field is enabled for configuration logs and the sensitive field appears multiple times in one log entry. | 3.3 |
| 2020-09-09 | CVE-2020-2042 | Classic Buffer Overflow vulnerability in Paloaltonetworks Pan-Os 10.0.0 A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. | 7.2 |
| 2020-09-09 | CVE-2020-2041 | Unspecified vulnerability in Paloaltonetworks Pan-Os An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. | 7.5 |
| 2020-09-09 | CVE-2020-2040 | Classic Buffer Overflow vulnerability in Paloaltonetworks Pan-Os A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. | 9.8 |
| 2020-09-09 | CVE-2020-2039 | Resource Exhaustion vulnerability in Paloaltonetworks Pan-Os An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. | 5.3 |
| 2020-09-09 | CVE-2020-2038 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. | 7.2 |
| 2020-09-09 | CVE-2020-2037 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. | 7.2 |
| 2020-09-09 | CVE-2020-2036 | Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. | 8.8 |