Vulnerabilities > Paloaltonetworks

DATE CVE VULNERABILITY TITLE RISK
2016-04-12 CVE-2016-3656 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Paloaltonetworks Pan-Os
The GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote attackers to cause a denial of service (service crash) via a crafted request.
network
low complexity
paloaltonetworks CWE-119
7.5
2016-04-12 CVE-2016-3655 OS Command Injection vulnerability in Paloaltonetworks Pan-Os
The management web interface in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to execute arbitrary OS commands via an unspecified API call.
network
low complexity
paloaltonetworks CWE-78
critical
9.8
2016-04-12 CVE-2016-3654 Improper Input Validation vulnerability in Paloaltonetworks Pan-Os
The device management command line interface (CLI) in Palo Alto Networks PAN-OS before 5.0.18, 5.1.x before 5.1.11, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote authenticated administrators to execute arbitrary OS commands via an SSH command parameter.
network
low complexity
paloaltonetworks CWE-20
7.2