Vulnerabilities > Paloaltonetworks > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-13 | CVE-2020-2015 | Classic Buffer Overflow vulnerability in Paloaltonetworks Pan-Os A buffer overflow vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges. | 9.0 |
| 2020-05-13 | CVE-2020-2014 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges. | 9.0 |
| 2020-05-13 | CVE-2020-2010 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges. | 9.0 |
| 2020-05-13 | CVE-2020-2009 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Paloaltonetworks Pan-Os An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. | 9.0 |
| 2020-05-13 | CVE-2020-2008 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system files and impact the system's integrity or cause a denial of service condition. | 9.0 |
| 2020-05-13 | CVE-2020-2007 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS command injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary commands with root privileges. | 9.0 |
| 2020-05-13 | CVE-2020-2006 | Out-of-bounds Write vulnerability in Paloaltonetworks Pan-Os A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges. | 9.0 |
| 2020-04-08 | CVE-2020-1992 | Use of Externally-Controlled Format String vulnerability in Paloaltonetworks Pan-Os A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges. | 9.3 |
| 2020-04-08 | CVE-2020-1990 | Out-of-bounds Write vulnerability in Paloaltonetworks Pan-Os A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root privileges. | 9.0 |
| 2019-12-20 | CVE-2019-17440 | Unspecified vulnerability in Paloaltonetworks Pan-Os Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. | 10.0 |