The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Palo Alto Firewall PA***

computer vulnerability announcement CVE-2019-1582

PAN-OS: memory corruption via Interactive Session Rekeying

Synthesis of the vulnerability

An attacker can trigger a memory corruption via Interactive Session Rekeying of PAN-OS, in order to trigger a denial of service, and possibly to run code.
Severity: 1/4.
Creation date: 22/08/2019.
Identifiers: CERTFR-2019-AVI-408, CVE-2019-1582, PAN-123700, PAN-SA-2019-0023, VIGILANCE-VUL-30133.

Description of the vulnerability

An attacker can trigger a memory corruption via Interactive Session Rekeying of PAN-OS, in order to trigger a denial of service, and possibly to run code.

cybersecurity bulletin CVE-2019-1575

Palo Alto PAN-OS: privilege escalation via Management API username/password

Synthesis of the vulnerability

An attacker can bypass restrictions via Management API username/password of Palo Alto PAN-OS, in order to escalate his privileges.
Severity: 2/4.
Creation date: 16/07/2019.
Identifiers: CERTFR-2019-AVI-335, CVE-2019-1575, PAN-SA-2019-0019, VIGILANCE-VUL-29784.

Description of the vulnerability

An attacker can bypass restrictions via Management API username/password of Palo Alto PAN-OS, in order to escalate his privileges.

security bulletin CVE-2019-1576

Palo Alto PAN-OS: privilege escalation via CLI Command Injection

Synthesis of the vulnerability

An attacker can bypass restrictions via CLI Command Injection of Palo Alto PAN-OS, in order to escalate his privileges.
Severity: 2/4.
Creation date: 16/07/2019.
Identifiers: CERTFR-2019-AVI-335, CVE-2019-1576, PAN-SA-2019-0018, VIGILANCE-VUL-29783.

Description of the vulnerability

An attacker can bypass restrictions via CLI Command Injection of Palo Alto PAN-OS, in order to escalate his privileges.

computer threat note CVE-2019-8912

Linux kernel: use after free via af_alg_release

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via af_alg_release() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 19/02/2019.
Identifiers: CERTFR-2019-AVI-131, CERTFR-2019-AVI-145, CERTFR-2019-AVI-335, CVE-2019-8912, FEDORA-2019-16de0047d4, FEDORA-2019-7bdeed7fc5, openSUSE-SU-2019:1193-1, PAN-SA-2019-0017, SUSE-SU-2019:0765-1, SUSE-SU-2019:0767-1, USN-3930-1, USN-3930-2, USN-3931-1, USN-3931-2, VIGILANCE-VUL-28540.

Description of the vulnerability

An attacker can force the usage of a freed memory area via af_alg_release() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.

vulnerability CVE-2019-1566

Palo Alto PAN-OS: Cross Site Scripting via Management Web Interface

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting via Management Web Interface of Palo Alto PAN-OS, in order to run JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 24/01/2019.
Identifiers: CVE-2019-1566, PAN-SA-2019-0002, VIGILANCE-VUL-28362.

Description of the vulnerability

The Palo Alto PAN-OS product offers a web service.

However, it does not filter data received via the Management Web Interface before inserting it into generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting via Management Web Interface of Palo Alto PAN-OS, in order to run JavaScript code in the context of the web site.

cybersecurity threat CVE-2019-1565

Palo Alto PAN-OS: Cross Site Scripting via External Dynamic Lists

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting via External Dynamic Lists of Palo Alto PAN-OS, in order to run JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 24/01/2019.
Identifiers: CVE-2019-1565, PAN-SA-2019-0001, VIGILANCE-VUL-28361.

Description of the vulnerability

The Palo Alto PAN-OS product offers a web service.

However, it does not filter data received via External Dynamic Lists before inserting it into generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting via External Dynamic Lists of Palo Alto PAN-OS, in order to run JavaScript code in the context of the web site.

computer vulnerability alert CVE-2018-10141

Palo Alto PAN-OS: Cross Site Scripting via GlobalProtect Portal Login

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting via GlobalProtect Portal Login of Palo Alto PAN-OS, in order to run JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 12/10/2018.
Identifiers: CVE-2018-10141, PAN-99830, PAN-SA-2018-0014, VIGILANCE-VUL-27494.

Description of the vulnerability

The Palo Alto PAN-OS product offers a web service.

However, it does not filter data received via the GlobalProtect Portal Login before inserting it into generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting via GlobalProtect Portal Login of Palo Alto PAN-OS, in order to run JavaScript code in the context of the web site.

security announcement CVE-2018-18065

Net-SNMP: denial of service via GetNext PDU Multiple Varbinds

Synthesis of the vulnerability

An attacker can generate a fatal error via GetNext PDU Multiple Varbinds of Net-SNMP, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 09/10/2018.
Identifiers: bulletinoct2018, CVE-2018-18065, DLA-1540-1, DSA-4314-1, FEDORA-2018-042156f164, NTAP-20181107-0001, openSUSE-SU-2018:3381-1, openSUSE-SU-2018:3508-1, PAN-SA-2019-0007, SUSE-SU-2018:3319-1, SUSE-SU-2018:3333-1, SUSE-SU-2018:3447-1, USN-3792-1, USN-3792-2, USN-3792-3, VIGILANCE-VUL-27441.

Description of the vulnerability

An attacker can generate a fatal error via GetNext PDU Multiple Varbinds of Net-SNMP, in order to trigger a denial of service.

cybersecurity bulletin CVE-2018-14634

Linux kernel: integer overflow via create_elf_tables

Synthesis of the vulnerability

An attacker can generate an integer overflow via create_elf_tables() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 26/09/2018.
Identifiers: CERTFR-2018-AVI-457, CERTFR-2018-AVI-459, CERTFR-2018-AVI-460, CERTFR-2018-AVI-462, CERTFR-2018-AVI-478, CERTFR-2018-AVI-480, CERTFR-2018-AVI-567, CERTFR-2019-AVI-188, CERTFR-2019-AVI-242, CVE-2018-14634, DLA-1529-1, JSA10917, K20934447, PAN-SA-2019-0006, RHSA-2018:2748-01, RHSA-2018:2763-01, RHSA-2018:2846-01, RHSA-2018:2924-01, RHSA-2018:2925-01, RHSA-2018:2933-01, RHSA-2018:3540-01, RHSA-2018:3586-01, RHSA-2018:3590-01, RHSA-2018:3591-01, RHSA-2018:3643-01, SUSE-SU-2018:2879-1, SUSE-SU-2018:2907-1, SUSE-SU-2018:2908-1, SUSE-SU-2018:2908-2, SUSE-SU-2018:3083-1, SUSE-SU-2018:3088-1, USN-3775-1, USN-3775-2, USN-3779-1, VIGILANCE-VUL-27320.

Description of the vulnerability

An attacker can generate an integer overflow via create_elf_tables() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.

weakness CVE-2018-10139

PAN-OS: Cross Site Scripting via GlobalProtect Response Page

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting via GlobalProtect Response Page of PAN-OS, in order to run JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 16/08/2018.
Identifiers: CVE-2018-10139, PAN-84836, PAN-SA-2018-0009, VIGILANCE-VUL-27035.

Description of the vulnerability

The PAN-OS product offers a web service.

However, it does not filter data received via the GlobalProtect Response Page before inserting it into generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting via GlobalProtect Response Page of PAN-OS, in order to run JavaScript code in the context of the web site.