6.1.16

DATE	CVE	VULNERABILITY TITLE	RISK
2017-08-02	CVE-2017-9467	Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os Cross-site scripting (XSS) vulnerability in the GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network low complexity paloaltonetworks CWE-79	6.1
2017-08-02	CVE-2017-9459	Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os Cross-site scripting (XSS) vulnerability in the management web interface in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network low complexity paloaltonetworks CWE-79	6.1
2017-08-02	CVE-2017-8390	Improper Input Validation vulnerability in Paloaltonetworks Pan-Os The DNS Proxy in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote attackers to execute arbitrary code via a crafted domain name. network low complexity paloaltonetworks CWE-20 critical	9.8
2017-05-02	CVE-2017-7216	Information Exposure vulnerability in Paloaltonetworks Pan-Os The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to obtain sensitive information via unspecified request parameters. network low complexity paloaltonetworks CWE-200	6.5
2017-04-21	CVE-2017-7409	Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os Palo Alto Networks PAN-OS before 7.0.15 has XSS in the GlobalProtect external interface via crafted request parameters, aka PAN-SA-2017-0011 and PAN-70674. network low complexity paloaltonetworks CWE-79	6.1
2017-04-14	CVE-2017-7218	Improper Input Validation vulnerability in Paloaltonetworks Pan-Os The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters. local low complexity paloaltonetworks CWE-20	7.8
2017-04-14	CVE-2017-7217	Improper Input Validation vulnerability in Paloaltonetworks Pan-Os The Management Web Interface in Palo Alto Networks PAN-OS before 7.0.14 and 7.1.x before 7.1.9 allows remote attackers to write to export files via unspecified parameters. network low complexity paloaltonetworks CWE-20	4.3
2016-11-10	CVE-2016-5195	Race Condition vulnerability in multiple products Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW." local high complexity canonical linux redhat debian fedoraproject paloaltonetworks netapp CWE-362	7.0
2016-06-30	CVE-2016-4971	GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. network low complexity gnu canonical oracle paloaltonetworks	8.8