Get support
Security advisories
Report vulnerabilities
Subscribe
RSS feed
Palo Alto Networks Security Advisories
Clear
Options
version
severity
CRITICAL
HIGH
MEDIUM
LOW
NONE
product
Demisto
1
Expedition
6
GlobalProtect
2
GlobalProtect Agent
7
MineMeld
1
NetConnect
1
PAN-OS
124
Terminal Services Agent
3
Traps
1
Traps ESM Console
2
Traps ESM Core
1
Twistlock Console
1
Update server
1
User-ID agent
1
WildFire Appliance
3
WildFire Cloud
2
Zingbox Inspector
11
Clear
1 - 25 of 165
Newest
Updated
Severe
Earliest published
Earliest updated
Least Severe
Sort ID ↑
Sort ID ↓
CVSS
Summary
Versions
Affected
Unaffected
Published
Updated
7
CVE-2020-1981 PAN-OS: Predictable temporary filename vulnerability allows local privilege escalation
PAN-OS 8.1
< 8.1.13
>= 8.1.13
>= 7.1.0
>= 9.0.0
>= 9.1.0
2020-03-11
2020-03-11
7.8
CVE-2020-1980 PAN-OS: Shell injection vulnerability in PAN-OS CLI allows execution of shell commands
PAN-OS 8.1
< 8.1.13
>= 8.1.13
>= 9.0.0
>= 9.1.0
>= 7.1.0
2020-03-11
2020-03-11
7.8
CVE-2020-1979 PAN-OS: A format string vulnerability in PAN-OS log daemon (logd) on Panorama allows local privilege escalation
PAN-OS 8.1
< 8.1.13
>= 8.1.13
>= 9.0.0
>= 7.1.0
>= 9.1.0
2020-03-11
2020-03-11
6.8
CVE-2020-1975 Missing XML Validation in PAN-OS Web Interface
PAN-OS 8.1
PAN-OS 9.0
< 8.1.12
< 9.0.6
7.1.*
8.0.*
>= 8.1.12
>= 9.0.6
2020-02-12
2020-02-12
7.5
CVE-2020-1977 Expedition Migration Tool: Insufficient Cross Site Request Forgery protection.
Expedition 1.1
<= 1.1.51
>= 1.1.52
2020-02-12
2020-02-12
4.7
CVE-2020-1976 GlobalProtect on MacOS: Local denial-of-service (DoS) vulnerability.
GlobalProtect 5.0
<= 5.0.5 on Mac OS
>= 5.0.6 on Mac OS
2020-02-12
2020-02-12
10
N
CVE-2019-17440 PAN-OS on PA-7000 Series: Improper restriction of communication to Log Forwarding Card (LFC) allows root access
PAN-OS 9.0
< 9.0.5-h3 on PA-7000 Series with 2nd Generation SMC
8.0
8.1
>= 9.0.6, 9.0.5-h3 on PA-7000 Series with 2nd Generation SMC
2019-12-19
2019-12-19
7.8
CVE-2019-17437 PAN-OS: Custom-role users may escalate privileges
PAN-OS 7.1
PAN-OS 8.0
PAN-OS 8.1
PAN-OS 9.0
< 7.1.25
< 8.0.20
< 8.1.11
< 9.0.5
>= 7.1.25
>= 8.0.20
>= 8.1.11
>= 9.0.5
2019-12-04
2019-12-04
5.9
CVE-2019-1559 OpenSSL vulnerability CVE-2019-1559 has been resolved in PAN-OS
PAN-OS 7.1
PAN-OS 8.0
PAN-OS 8.1
PAN-OS 9.0
< 7.1.25
< 8.0.20
< 8.1.8
< 9.0.2
>= 7.1.25
>= 8.0.20
>= 8.1.8
>= 9.0.2
2019-12-04
2019-12-04
7.1
CVE-2019-17436 Local Privilege Escalation in GlobalProtect Agent for Linux and Mac OS
GlobalProtect Agent 5.0
GlobalProtect Agent 4.1
<= 4.1.12
<= 5.0.4
>= 4.1.13
>= 5.0.5
2019-10-15
2019-10-15
5.5
CVE-2019-17435 Local Privilege Escalation in GlobalProtect Agent for Windows
GlobalProtect Agent 5.0
GlobalProtect Agent 4.1
<= 4.1.12
<= 5.0.3
>= 4.1.13
>= 5.0.4
2019-10-15
2019-10-15
7.5
N
CVE-2019-15023 Insecure Password Storage in Zingbox Inspector
Zingbox Inspector 1
<= 1.294
>= 1.295
2019-10-01
2019-10-01
7.5
N
CVE-2019-15022 ARP Spoofing in Zingbox Inspector
Zingbox Inspector 1
<= 1.294
>= 1.295
2019-10-01
2019-10-01
5.3
N
CVE-2019-15021 Server-side Request Forgery in Zingbox Inspector
Zingbox Inspector 1
<= 1.294
>= 1.295
2019-10-01
2019-10-01
9.8
N
CVE-2019-15020 Command Injection in Zingbox Inspector
Zingbox Inspector 1
<= 1.293
>= 1.294
2019-10-01
2019-10-01
9.8
N
CVE-2019-15019 Insecure Firmware Validation in Zingbox Inspector
Zingbox Inspector 1
<= 1.294
>= 1.295
2019-10-01
2019-10-01
7.5
N
CVE-2019-15018 Tenant authentication bypass in Zingbox Inspector
Zingbox Inspector 1
<= 1.280
>= 1.281
2019-10-01
2019-10-01
8.4
CVE-2019-15017 SSH Service Exposed in Zingbox Inspector
Zingbox Inspector 1
<= 1.294
>= 1.295
2019-10-01
2019-10-01
8.8
CVE-2019-15016 SQL Injection in Zingbox Inspector
Zingbox Inspector 1
<= 1.288
>= 1.289
2019-10-01
2019-10-01
8.4
CVE-2019-15015 Hardcoded Credentials in Zingbox Inspector
Zingbox Inspector 1
<= 1.294
>= 1.295
2019-10-01
2019-10-01
8.8
CVE-2019-15014 Command Injection in Zingbox Inspector
Zingbox Inspector 1
<= 1.286
>= 1.287
2019-10-01
2019-10-01
9.8
N
CVE-2019-1584 Remote Command Injection in Zingbox Inspector
Zingbox Inspector 1
<= 1.293
>= 1.294
2019-10-01
2019-10-01
8
CVE-2019-1583 Escalation of Privilege in Twistlock
Twistlock Console 19.07
<= 19.07.357
>= 19.07.358
2019-08-22
2019-08-22
7.2
CVE-2019-1582 Memory Corruption in PAN-OS
PAN-OS 8.1
PAN-OS 9.0
<= 8.1.9
<= 9.0.3
>= 8.1.9-h4
>= 9.0.3-h3
2019-08-21
2019-08-21
9.8
N
CVE-2019-1581 Remote code execution in PAN-OS SSH management interface
PAN-OS 7.1
PAN-OS 8.0
PAN-OS 8.1
PAN-OS 9.0
<= 7.1.24
<= 8.0.19
<= 8.1.9
<= 9.0.3
>= 7.1.24-h1
>= 8.0.19-h1
>= 8.1.9-h4
>= 9.0.3-h3
2019-08-21
2019-08-21
1 - 25 of 165
N
= Exploitable over the network with low complexity, unauthenticated attack.
© 2020 Palo Alto Networks, Inc. All rights reserved.