Vulnerabilities > Paloaltonetworks > PAN OS > 9.0.5

DATE CVE VULNERABILITY TITLE RISK
2020-02-12 CVE-2020-1975 XXE vulnerability in Paloaltonetworks Pan-Os
Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation.
network
low complexity
paloaltonetworks CWE-611
8.8
8.8
2019-12-20 CVE-2019-17440 Unspecified vulnerability in Paloaltonetworks Pan-Os
Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS.
network
low complexity
paloaltonetworks
critical
 9.8
9.8