Vulnerabilities > Paloaltonetworks > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-09 | CVE-2020-2042 | Classic Buffer Overflow vulnerability in Paloaltonetworks Pan-Os 10.0.0 A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. | 9.0 |
| 2020-09-09 | CVE-2020-2040 | Classic Buffer Overflow vulnerability in Paloaltonetworks Pan-Os A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. | 10.0 |
| 2020-09-09 | CVE-2020-2037 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. | 9.0 |
| 2020-07-08 | CVE-2020-2034 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. | 9.3 |
| 2020-07-08 | CVE-2020-2030 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. | 9.0 |
| 2020-06-29 | CVE-2020-2021 | Improper Verification of Cryptographic Signature vulnerability in Paloaltonetworks Pan-Os When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources. | 9.3 |
| 2020-06-10 | CVE-2020-2029 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration. | 9.0 |
| 2020-06-10 | CVE-2020-2028 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC mode. | 9.0 |
| 2020-06-10 | CVE-2020-2027 | Out-of-bounds Write vulnerability in Paloaltonetworks Pan-Os A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. | 9.0 |
| 2020-05-13 | CVE-2020-2018 | Improper Authentication vulnerability in Paloaltonetworks Pan-Os An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's management interface to gain privileged access to managed firewalls. | 9.3 |