Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

Palo Alto Networks — Vulnerabilities & Security Advisories 307

Browse all 307 CVE security advisories affecting Palo Alto Networks. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Palo Alto Networks operates as a prominent cybersecurity vendor, primarily providing next-generation firewalls, cloud security solutions, and endpoint protection platforms to enterprise clients. The company’s software ecosystem, particularly its PAN-OS operating system, has historically been associated with a significant volume of Common Vulnerabilities and Exposures, currently totaling 280 recorded instances. These vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from input validation errors or improper access controls within management interfaces. While the firm maintains a robust security posture through regular patching cycles and proactive threat intelligence integration, the high CVE count reflects the complexity of its extensive feature set and the broad attack surface inherent in critical infrastructure components. Major incidents have been limited, with most issues resolved via timely updates, though the sheer number of disclosed flaws underscores the challenges of securing large-scale, continuously updated network security appliances.

Found 122 results / 307Clear Filters
Top products by Palo Alto Networks: PAN-OS Cloud NGFW GlobalProtect App Cortex XDR Agent Cortex XSOAR Cortex XDR Broker VM Expedition Prisma Browser Prisma Access Agent Prisma Cloud Compute Trust Protection Foundation Global Protect Agent Prisma Access Browser Autonomous Digital Experience Manager Checkov by Prisma Cloud Bridgecrew Checkov Traps Prisma SD-WAN ION Palo Alto Networks PAN-OS Palo Alto Networks Expedition Cortex XDR Microsoft 365 Defender Pack Cortex XSOAR Microsoft Teams Marketplace Chronosphere Chronocollector User-ID Credential Agent Broker VM Prisma Cloud Compute Edition WildFire WF-500 and WF-500-B Prisma SD-WAN PAN-OS OpenConfig Plugin ActiveMQ Content Pack
CVE IDTitleCVSSSeverityPublished
CVE-2025-0116 PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted LLDP Frame — PAN-OSCWE-754 6.5 -2025-03-12
CVE-2025-0115 PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI — PAN-OSCWE-41 4.9 -2025-03-12
CVE-2025-0114 PAN-OS: Denial of Service (DoS) in GlobalProtect — PAN-OSCWE-400 7.5 -2025-03-12
CVE-2024-9471 PAN-OS: Privilege Escalation (PE) Vulnerability in XML API — PAN-OSCWE-269 7.2AIHighAI2024-10-09
CVE-2024-8691 PAN-OS: User Impersonation in GlobalProtect Portal — PAN-OSCWE-863 6.5AIMediumAI2024-09-11
CVE-2024-8688 PAN-OS: Arbitrary File Read Vulnerability in the Command Line Interface (CLI) — PAN-OSCWE-155 4.9AIMediumAI2024-09-11
CVE-2024-8687 PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes — PAN-OSCWE-497 9.8AICriticalAI2024-09-11
CVE-2024-8686 PAN-OS: Command Injection Vulnerability — PAN-OSCWE-78 7.2AIHighAI2024-09-11
CVE-2024-5916 PAN-OS: Cleartext Exposure of External System Secrets — PAN-OSCWE-313 4.4AIMediumAI2024-08-14
CVE-2024-5913 PAN-OS: Improper Input Validation Vulnerability in PAN-OS — PAN-OSCWE-20 6.1 Medium2024-07-10
CVE-2024-5911 PAN-OS: File Upload Vulnerability in the Panorama Web Interface — PAN-OSCWE-434 6.5AIMediumAI2024-07-10
CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect — PAN-OSCWE-77 10.0 Critical2024-04-12
CVE-2024-3388 PAN-OS: User Impersonation in GlobalProtect SSL VPN — PAN-OSCWE-269 4.1 Medium2024-04-10
CVE-2024-3387 PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure — PAN-OSCWE-326 5.3 Medium2024-04-10
CVE-2024-3386 PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended — PAN-OSCWE-436 5.3 Medium2024-04-10
CVE-2024-3385 PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled — PAN-OSCWE-20 7.5 High2024-04-10
CVE-2024-3384 PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets — PAN-OSCWE-1286 7.5 High2024-04-10
CVE-2024-3383 PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE) — PAN-OSCWE-282 7.4 High2024-04-10
CVE-2024-3382 PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets — PAN-OSCWE-770 7.5 High2024-04-10
CVE-2024-2433 PAN-OS: Improper Privilege Management Vulnerability in Panorama Software Leads to Availability Loss — PAN-OSCWE-269 4.3 Medium2024-03-13
CVE-2024-0011 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication — PAN-OSCWE-79 4.3 Medium2024-02-14
CVE-2024-0010 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Portal — PAN-OSCWE-79 4.3 Medium2024-02-14
CVE-2024-0009 PAN-OS: Improper IP Address Verification in GlobalProtect Gateway — PAN-OSCWE-940 6.3 Medium2024-02-14
CVE-2024-0008 PAN-OS: Insufficient Session Expiration Vulnerability in the Web Interface — PAN-OSCWE-613 6.6 Medium2024-02-14
CVE-2024-0007 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface — PAN-OSCWE-79 6.8 Medium2024-02-14
CVE-2023-6793 PAN-OS: XML API Keys Revoked by Read-Only PAN-OS Administrator — PAN-OSCWE-269 2.7 Low2023-12-13
CVE-2023-6791 PAN-OS: Plaintext Disclosure of External System Integration Credentials — PAN-OSCWE-701 4.9 Medium2023-12-13
CVE-2023-6789 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface — PAN-OSCWE-79 4.3 Medium2023-12-13
CVE-2023-6795 PAN-OS: OS Command Injection Vulnerability in the Web Interface — PAN-OSCWE-78 5.5 Medium2023-12-13
CVE-2023-6794 PAN-OS: File Upload Vulnerability in the Web Interface — PAN-OSCWE-434 5.5 Medium2023-12-13

This page lists every published CVE security advisory associated with Palo Alto Networks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.