Vulnerabilities > Paloaltonetworks > PAN OS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-10 | CVE-2021-3063 | Improper Handling of Exceptional Conditions vulnerability in Paloaltonetworks Pan-Os An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to send specifically crafted traffic to a GlobalProtect interface that causes the service to stop responding. | 7.5 |
| 2021-09-08 | CVE-2021-3053 | Improper Handling of Exceptional Conditions vulnerability in Paloaltonetworks Pan-Os An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based attacker to send specifically crafted traffic through the firewall that causes the service to crash. | 7.5 |
| 2021-08-11 | CVE-2021-3050 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges. | 8.8 |
| 2020-11-12 | CVE-2020-2050 | Improper Authentication vulnerability in Paloaltonetworks Pan-Os An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an attacker to bypass all client certificate checks with an invalid certificate. | 8.2 |
| 2020-11-12 | CVE-2020-2022 | Improper Privilege Management vulnerability in Paloaltonetworks Pan-Os An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. | 7.5 |
| 2020-11-12 | CVE-2020-2000 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. | 7.2 |
| 2020-09-09 | CVE-2020-2042 | Classic Buffer Overflow vulnerability in Paloaltonetworks Pan-Os 10.0.0 A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. | 7.2 |
| 2020-09-09 | CVE-2020-2041 | Unspecified vulnerability in Paloaltonetworks Pan-Os An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. | 7.5 |
| 2020-09-09 | CVE-2020-2038 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. | 7.2 |
| 2020-09-09 | CVE-2020-2037 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. | 7.2 |