Vulnerabilities > Paloaltonetworks > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-01 | CVE-2015-6531 | Code Injection vulnerability in Paloaltonetworks Pan-Os Palo Alto Networks Panorama VM Appliance with PAN-OS before 6.0.1 might allow remote attackers to execute arbitrary Python code via a crafted firmware image file. | 7.8 |
| 2017-04-14 | CVE-2017-7408 | Improper Input Validation vulnerability in Paloaltonetworks Traps 3.4.3 Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to cause a denial of service by leveraging improper validation of requests to revoke a Traps agent license. | 7.5 |
| 2017-04-14 | CVE-2017-7218 | Improper Input Validation vulnerability in Paloaltonetworks Pan-Os The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters. | 7.8 |
| 2017-01-27 | CVE-2017-5329 | Out-of-bounds Write vulnerability in Paloaltonetworks Terminal Services Agent Palo Alto Networks Terminal Services Agent before 7.0.7 allows local users to gain privileges via vectors that trigger an out-of-bounds write operation. | 7.8 |
| 2017-01-27 | CVE-2017-5328 | Unspecified vulnerability in Paloaltonetworks Terminal Services Agent Palo Alto Networks Terminal Services Agent before 7.0.7 allows attackers to spoof arbitrary users via unspecified vectors. | 7.5 |
| 2016-11-19 | CVE-2016-9151 | Permissions, Privileges, and Access Controls vulnerability in Paloaltonetworks Pan-Os Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 allows local users to gain privileges via crafted values of unspecified environment variables. | 7.8 |
| 2016-11-10 | CVE-2016-5195 | Race Condition vulnerability in multiple products Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW." | 7.0 |
| 2016-08-02 | CVE-2016-1712 | Improper Input Validation vulnerability in Paloaltonetworks Pan-Os Palo Alto Networks PAN-OS before 5.0.19, 5.1.x before 5.1.12, 6.0.x before 6.0.14, 6.1.x before 6.1.12, and 7.0.x before 7.0.8 might allow local users to gain privileges by leveraging improper sanitization of the root_reboot local invocation. | 7.8 |
| 2016-06-30 | CVE-2016-4971 | GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. | 8.8 |
| 2016-04-12 | CVE-2016-3656 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Paloaltonetworks Pan-Os The GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote attackers to cause a denial of service (service crash) via a crafted request. | 7.5 |