Shodan
Vulnerabilities
Vulnerable Software
Paloaltonetworks:  Security Vulnerabilities
CVE-2018-10143
The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application.
CVSS Score
9.8
EPSS Score
0.248
Published
2018-12-12
CVE-2018-10142
The Expedition Migration tool 1.0.106 and earlier may allow an unauthenticated attacker to enumerate files on the operating system.
CVSS Score
7.5
EPSS Score
0.022
Published
2018-11-27
CVE-2018-10141
GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before 8.1.4 allows an unauthenticated attacker to inject arbitrary JavaScript or HTML.
CVSS Score
6.1
EPSS Score
0.039
Published
2018-10-12
CVE-2018-18065
_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
CVSS Score
6.5
EPSS Score
0.171
Published
2018-10-08
CVE-2018-14634
Known exploited
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.
CVSS Score
7.8
EPSS Score
0.148
Published
2018-09-25
CVE-2018-10139
The PAN-OS response for GlobalProtect Gateway in Palo Alto Networks PAN-OS 6.1.21 and earlier, PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML. PAN-OS 8.1 is NOT affected.
CVSS Score
6.1
EPSS Score
0.015
Published
2018-08-16
CVE-2018-10140
The PAN-OS Management Web Interface in Palo Alto Networks PAN-OS 8.1.2 and earlier may allow an authenticated user to shut down all management sessions, resulting in all logged in users to be redirected to the login page. PAN-OS 6.1, PAN-OS 7.1 and PAN-OS 8.0 are NOT affected.
CVSS Score
4.3
EPSS Score
0.019
Published
2018-08-16
CVE-2018-9337
The PAN-OS web interface administration page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.17 and earlier, PAN-OS 8.0.10 and earlier, and PAN-OS 8.1.1 and earlier may allow an attacker to inject arbitrary JavaScript or HTML.
CVSS Score
5.4
EPSS Score
0.01
Published
2018-07-03
CVE-2018-7636
The URL filtering "continue page" hosted by PAN-OS 8.0.10 and earlier may allow an attacker to inject arbitrary JavaScript or HTML via specially crafted URLs.
CVSS Score
6.1
EPSS Score
0.011
Published
2018-07-03
CVE-2018-9242
The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier may allow an attacker to delete files in the system via specific request parameters.
CVSS Score
5.5
EPSS Score
0.004
Published
2018-07-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved