cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2025-0103,https://securityvulnerability.io/vulnerability/CVE-2025-0103,SQL Injection Vulnerability in Palo Alto Networks Expedition,"An SQL injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to access sensitive database information. This includes revealing password hashes, usernames, device configurations, and API keys. Moreover, the flaw can be exploited to create and read arbitrary files on the Expedition system, further compromising its integrity and security. It is crucial for users of Expedition to apply security patches and follow best practices to mitigate this risk.",Palo Alto Networks,"Cloud Ngfw,Expedition,Panorama,Pan-os,Prisma Access",9.2,CRITICAL,0.0004299999854993075,false,false,false,true,false,false,false,2025-01-11T03:15:00.000Z,70
CVE-2025-0105,https://securityvulnerability.io/vulnerability/CVE-2025-0105,Arbitrary File Deletion Vulnerability in Palo Alto Networks Expedition,"An arbitrary file deletion vulnerability in Palo Alto Networks Expedition permits an unauthenticated attacker to delete files that are accessible to the www-data user on the host filesystem. This flaw could potentially be exploited to compromise the integrity of the system, allowing unauthorized manipulation of files critical to the operation of the affected application.",Palo Alto Networks,"Cloud Ngfw,Expedition,Panorama,Pan-os,Prisma Access",6.9,MEDIUM,0.0004299999854993075,false,false,false,true,false,false,false,2025-01-11T03:15:00.000Z,0
CVE-2025-0104,https://securityvulnerability.io/vulnerability/CVE-2025-0104,Reflected Cross-Site Scripting Vulnerability in Palo Alto Networks Expedition,"A reflected cross-site scripting vulnerability exists in Palo Alto Networks Expedition that permits attackers to execute malicious JavaScript code. This can occur when an authenticated user clicks on a specially crafted link, resulting in potential phishing attacks and the theft of their browser session. This vulnerability highlights the importance of user caution and proactive security measures to mitigate the risks associated with online threats.",Palo Alto Networks,"Cloud Ngfw,Expedition,Panorama,Pan-os,Prisma Access",7,HIGH,0.0004299999854993075,false,false,false,true,false,false,false,2025-01-11T03:15:00.000Z,0
CVE-2025-0107,https://securityvulnerability.io/vulnerability/CVE-2025-0107,OS Command Injection Vulnerability in Palo Alto Networks Expedition,"An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to execute arbitrary OS commands with the privileges of the www-data user. This can lead to serious security breaches, including unauthorized access to usernames, cleartext passwords, configuration files for devices, and API keys used for managing firewalls running PAN-OS software.",Palo Alto Networks,"Cloud Ngfw,Expedition,Panorama,Pan-os,Prisma Access",6.3,MEDIUM,0.0004299999854993075,false,false,false,true,false,false,false,2025-01-11T03:15:00.000Z,0
CVE-2025-0106,https://securityvulnerability.io/vulnerability/CVE-2025-0106,Wildcard Expansion Vulnerability in Palo Alto Networks Expedition,"A wildcard expansion vulnerability exists in Palo Alto Networks Expedition, which allows unauthenticated attackers to enumerate files on the host filesystem. This weakness could potentially lead to exposing sensitive information and escalate further attacks on the system. It is vital for users of Expedition to review security advisories and implement recommended patches to mitigate this risk.",Palo Alto Networks,"Cloud Ngfw,Expedition,Panorama,Pan-os,Prisma Access",6.9,MEDIUM,0.0004299999854993075,false,false,false,true,false,false,false,2025-01-11T03:15:00.000Z,0
CVE-2024-3393,https://securityvulnerability.io/vulnerability/CVE-2024-3393,Denial of Service Vulnerability in Palo Alto Networks PAN-OS Software,"A vulnerability exists within the DNS Security functionality of Palo Alto Networks PAN-OS software, which could be exploited by an unauthenticated attacker. By sending a carefully crafted malicious packet through the data plane of the firewall, the attacker can cause the firewall to reboot. If this malicious condition is triggered repeatedly, the affected firewall may ultimately enter maintenance mode, interrupting service availability. This poses a significant risk to customers relying on seamless and continuous network operations.",Palo Alto Networks,"Cloud Ngfw,Pan-os",7.1,HIGH,0.027340000495314598,true,false,false,true,true,true,true,2024-12-27T09:44:24.538Z,5822
CVE-2024-9474,https://securityvulnerability.io/vulnerability/CVE-2024-9474,Palo Alto Networks PAN-OS Privilege Escalation Vulnerability Affects Firewall,"A privilege escalation vulnerability exists in Palo Alto Networks PAN-OS software, allowing an administrator with access to the management web interface to execute actions on the firewall with heightened root privileges. This could potentially lead to unauthorized control and management of the firewall, exposing the organization to a range of security threats. It is important to note that cloud-based NGFW and Prisma Access solutions remain unaffected by this vulnerability.",Palo Alto Networks,"Cloud Ngfw,Pan-os,Prisma Access",7.2,HIGH,0.9749000072479248,true,true,false,true,true,true,false,2024-11-18T15:48:23.405Z,3897
CVE-2024-0012,https://securityvulnerability.io/vulnerability/CVE-2024-0012,Authentication Bypass Vulnerability Affects Palo Alto Networks PAN-OS Software,"An authentication bypass vulnerability exists in Palo Alto Networks PAN-OS software, allowing an attacker with network access to the management web interface to obtain administrator privileges without proper credentials. Exploiters can manipulate configuration settings and may take advantage of additional privilege escalation vulnerabilities. While the risk of unauthorized access can be mitigated by implementing access controls that restrict management web interface access to trusted internal IPs, adherence to recommended security practices is crucial to safeguarding the infrastructure. Notably, Cloud NGFW and Prisma Access are not affected by this vulnerability, which specifically impacts PAN-OS versions 10.2, 11.0, 11.1, and 11.2.",Palo Alto Networks,"Cloud Ngfw,Pan-os,Prisma Access",9.8,CRITICAL,0.9704200029373169,true,true,true,true,true,true,true,2024-11-18T15:47:41.407Z,24021
CVE-2024-2550,https://securityvulnerability.io/vulnerability/CVE-2024-2550,Unathorized Access to GlobalProtect Service through Null Pointer Dereference Vulnerability,A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.,Palo Alto Networks,"Cloud Ngfw,Pan-os,Prisma Access",,,0.0004299999854993075,false,false,false,false,,false,false,2024-11-14T09:40:38.838Z,0
CVE-2024-5920,https://securityvulnerability.io/vulnerability/CVE-2024-5920,Palo Alto Networks PAN-OS Software Vulnerable to Cross-Site Scripting Attacks,A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write Panorama administrator to push a specially crafted configuration to a PAN-OS node. This enables impersonation of a legitimate PAN-OS administrator who can perform restricted actions on the PAN-OS node after the execution of JavaScript in the legitimate PAN-OS administrator's browser.,Palo Alto Networks,"Cloud Ngfw,Pan-os,Prisma Access",,,0.0004299999854993075,false,false,false,false,,false,false,2024-11-14T09:40:14.513Z,0
CVE-2024-5917,https://securityvulnerability.io/vulnerability/CVE-2024-5917,Unauthenticated Server-Side Request Forgery Attack on PAN-OS Software Allows Proxy Access to Internal Network Resources,"A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.",Palo Alto Networks,"Cloud Ngfw,Pan-os",,,0.0004299999854993075,false,false,false,false,,false,false,2024-11-14T09:39:40.266Z,0
CVE-2024-2552,https://securityvulnerability.io/vulnerability/CVE-2024-2552,Palo Alto Networks PAN-OS Command Injection Vulnerability Allows Administrator Deletions,A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall.,Palo Alto Networks,"Cloud Ngfw,Pan-os,Prisma Access",,,0.0004400000034365803,false,false,false,false,,false,false,2024-11-14T09:39:06.523Z,0
CVE-2024-5918,https://securityvulnerability.io/vulnerability/CVE-2024-5918,Improper Certificate Validation Vulnerability in Palo Alto Networks PAN-OS Software,"An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an authorized user with a specially crafted client certificate to connect to an impacted GlobalProtect portal or GlobalProtect gateway as a different legitimate user. This attack is possible only if you ""Allow Authentication with User Credentials OR Client Certificate.""",Palo Alto Networks,"Cloud Ngfw,Pan-os,Prisma Access",,,0.0004299999854993075,false,false,false,false,,false,false,2024-11-14T09:38:29.319Z,0
CVE-2024-5919,https://securityvulnerability.io/vulnerability/CVE-2024-5919,Blind XML External Entities Injection Vulnerability Allows File Exfiltration,A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface.,Palo Alto Networks,"Cloud Ngfw,Pan-os,Prisma Access",,,0.0004299999854993075,false,false,false,false,,false,false,2024-11-14T09:36:46.390Z,0
CVE-2024-2551,https://securityvulnerability.io/vulnerability/CVE-2024-2551,Unauthenticated Null Pointer Dereference Vulnerability Leads to DoS Condition and Maintenance Mode,A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.,Palo Alto Networks,"Cloud Ngfw,Pan-os,Prisma Access",,,0.0004299999854993075,false,false,false,false,,false,false,2024-11-14T09:36:09.876Z,0
CVE-2024-9472,https://securityvulnerability.io/vulnerability/CVE-2024-9472,Palo Alto Networks PAN-OS Software Under Denial of Service Attack via Null Pointer Dereference,"A vulnerability exists in Palo Alto Networks PAN-OS software that affects PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series hardware platforms. When the Decryption policy is enabled, a null pointer dereference could be exploited by unauthenticated attackers to crash the PAN-OS system. This flaw results in a denial of service condition, which may cause the system to enter maintenance mode after repeated attempts to exploit the vulnerability. Notably, the VM-Series, Cloud NGFW, and Prisma Access products are not impacted by this issue. The affected versions of PAN-OS are as follows: 10.2.7-h12, 10.2.8-h10, 10.2.9-h9, 10.2.9-h11, 10.2.10-h2, 10.2.10-h3, 10.2.11, 10.2.11-h1, 10.2.11-h2, 10.2.11-h3, 11.1.2-h9, 11.1.2-h12, 11.1.3-h2, 11.1.3-h4, 11.1.3-h6, 11.2.2, and 11.2.2-h1.",Palo Alto Networks,"Cloud Ngfw,Pan-os,Prisma Access",,,0.0004299999854993075,false,false,false,false,,false,false,2024-11-14T09:34:22.665Z,0
CVE-2024-9471,https://securityvulnerability.io/vulnerability/CVE-2024-9471,PAN-OS: Privilege Escalation (PE) Vulnerability in XML API,"A privilege escalation vulnerability exists within the XML API of Palo Alto Networks PAN-OS software. This security flaw allows an authenticated administrator with limited access to exploit a compromised XML API key, potentially executing actions that would typically be restricted. For instance, an administrator who is designated as a 'Virtual system administrator (read-only)' may misuse another admin's XML API key, granting them unauthorized write capabilities on the virtual system's configuration. This situation underscores the importance of safeguarding API keys and enforcing stringent access controls to maintain network security.",Palo Alto Networks,"Pan-os,Cloud Ngfw,Prisma Access",4.7,MEDIUM,0.0004400000034365803,false,false,false,true,,false,false,2024-10-09T17:15:00.000Z,0
CVE-2024-9468,https://securityvulnerability.io/vulnerability/CVE-2024-9468,PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet,"A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.",Palo Alto Networks,"Pan-os,Cloud Ngfw,Prisma Access",,,0.0004299999854993075,false,false,false,true,,false,false,2024-10-09T17:15:00.000Z,0
CVE-2024-8691,https://securityvulnerability.io/vulnerability/CVE-2024-8691,Palo Alto Networks GlobalProtect Vulnerability: Impersonation of Authenticated Users,"The vulnerability in the GlobalProtect portal of Palo Alto Networks PAN-OS software allows malicious actors, who are already authenticated GlobalProtect users, to impersonate other active users. When this occurs, the impersonated users are forcibly disconnected from the GlobalProtect service, thus compromising session integrity and disrupting connectivity. Furthermore, PAN-OS logs inaccurately indicate that the impersonated user has successfully authenticated, masking the attacker's identity and actions, creating challenges in monitoring and forensic analysis.",Palo Alto Networks,"Pan-os,Cloud Ngfw,Prisma Access",7.1,HIGH,0.0004600000102072954,false,false,false,false,,false,false,2024-09-11T16:43:30.608Z,0
CVE-2024-8688,https://securityvulnerability.io/vulnerability/CVE-2024-8688,Improper Neutralization of Matching Symbols Vulnerability in Palo Alto Networks PAN-OS CLI,"A vulnerability exists in the Palo Alto Networks PAN-OS command line interface (CLI) due to improper neutralization of matching symbols. Authenticated administrators, including those with read-only permissions, can exploit this flaw to read arbitrary files on the firewall. This presents a significant risk as it can lead to exposure of sensitive configurations and data, potentially compromising system integrity and confidentiality.",Palo Alto Networks,"Pan-os,Cloud Ngfw,Prisma Access",4.4,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-09-11T16:40:50.806Z,0
CVE-2024-8687,https://securityvulnerability.io/vulnerability/CVE-2024-8687,GlobalProtect Information Exposure Vulnerability,"An information exposure vulnerability has been identified within Palo Alto Networks' PAN-OS software that allows a GlobalProtect end user to gain access to sensitive security credentials. This flaw permits the user to retrieve both the GlobalProtect uninstall password and the disable or disconnect passcode. With this information, users can potentially uninstall, disable, or disconnect the GlobalProtect VPN application, bypassing the intended application security settings that would usually prevent such actions.",Palo Alto Networks,"Pan-os,Globalprotect App,Cloud Ngfw,Prisma Access",7.1,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-09-11T16:40:21.066Z,0
CVE-2024-8686,https://securityvulnerability.io/vulnerability/CVE-2024-8686,Palo Alto Networks PAN-OS Command Injection Vulnerability Allows Rooted Access,"A vulnerability in Palo Alto Networks PAN-OS software allows an authenticated administrator to exploit a command injection flaw, bypassing established system restrictions. This can lead to the execution of arbitrary commands with root privileges on the device, potentially compromising the security and integrity of the entire firewall system. Proper configurations and updates are essential for mitigation.",Palo Alto Networks,"Pan-os,Cloud Ngfw,Prisma Access",7.2,HIGH,0.0005200000014156103,false,false,false,false,,false,false,2024-09-11T16:34:21.618Z,0
CVE-2024-5916,https://securityvulnerability.io/vulnerability/CVE-2024-5916,Information Exposure Vulnerability in Palo Alto Networks PAN-OS software,"An information exposure vulnerability exists within Palo Alto Networks PAN-OS software, allowing local system administrators to unintentionally leak sensitive information such as secrets, passwords, and tokens associated with external systems. Specifically, a read-only administrator with access to the configuration log may be able to read this confidential data, potentially compromising system security and integrity.",Palo Alto Networks,Pan-os,4.4,MEDIUM,0.0004299999854993075,false,true,false,false,,false,false,2024-08-14T17:15:00.000Z,0
CVE-2024-5913,https://securityvulnerability.io/vulnerability/CVE-2024-5913,Attackers can elevate privileges by tampering with physical file system,An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges.,Palo Alto Networks,"Pan-os,Cloud Ngfw,Prisma Access",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-07-10T18:40:29.769Z,0
CVE-2024-5911,https://securityvulnerability.io/vulnerability/CVE-2024-5911,Panorama vulnerability allows unauthorized access and system disruption,"An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.",Palo Alto Networks,"Pan-os,Cloud Ngfw,Prisma Access",,,0.0004299999854993075,false,true,false,false,,false,false,2024-07-10T18:40:02.209Z,0