Vulnerabilities > Paloaltonetworks > PAN OS

DATE CVE VULNERABILITY TITLE RISK
2016-07-12 CVE-2016-2219 Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os
Cross-site scripting (XSS) vulnerability in the management interface in Palo Alto Networks PAN-OS 7.x before 7.0.8 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
paloaltonetworks CWE-79
5.4
5.4
2016-06-30 CVE-2016-4971 GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
network
low complexity
gnu canonical oracle paloaltonetworks
8.8
8.8
2016-04-12 CVE-2016-3657 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Paloaltonetworks Pan-Os
Buffer overflow in the GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to cause a denial of service (device crash) or possibly execute arbitrary code via an SSL VPN request.
network
low complexity
paloaltonetworks CWE-119
critical
 9.8
9.8
2016-04-12 CVE-2016-3656 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Paloaltonetworks Pan-Os
The GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote attackers to cause a denial of service (service crash) via a crafted request.
network
low complexity
paloaltonetworks CWE-119
7.5
7.5
2016-04-12 CVE-2016-3655 OS Command Injection vulnerability in Paloaltonetworks Pan-Os
The management web interface in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to execute arbitrary OS commands via an unspecified API call.
network
low complexity
paloaltonetworks CWE-78
critical
 9.8
9.8
2016-04-12 CVE-2016-3654 Improper Input Validation vulnerability in Paloaltonetworks Pan-Os
The device management command line interface (CLI) in Palo Alto Networks PAN-OS before 5.0.18, 5.1.x before 5.1.11, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote authenticated administrators to execute arbitrary OS commands via an SSH command parameter.
network
low complexity
paloaltonetworks CWE-20
7.2
7.2