The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Palo Alto PAN-OS

computer vulnerability announcement CVE-2019-1582

PAN-OS: memory corruption via Interactive Session Rekeying

Synthesis of the vulnerability

An attacker can trigger a memory corruption via Interactive Session Rekeying of PAN-OS, in order to trigger a denial of service, and possibly to run code.
Severity: 1/4.
Creation date: 22/08/2019.
Identifiers: CERTFR-2019-AVI-408, CVE-2019-1582, PAN-123700, PAN-SA-2019-0023, VIGILANCE-VUL-30133.

Description of the vulnerability

An attacker can trigger a memory corruption via Interactive Session Rekeying of PAN-OS, in order to trigger a denial of service, and possibly to run code.

cybersecurity bulletin CVE-2019-1575

Palo Alto PAN-OS: privilege escalation via Management API username/password

Synthesis of the vulnerability

An attacker can bypass restrictions via Management API username/password of Palo Alto PAN-OS, in order to escalate his privileges.
Severity: 2/4.
Creation date: 16/07/2019.
Identifiers: CERTFR-2019-AVI-335, CVE-2019-1575, PAN-SA-2019-0019, VIGILANCE-VUL-29784.

Description of the vulnerability

An attacker can bypass restrictions via Management API username/password of Palo Alto PAN-OS, in order to escalate his privileges.

security bulletin CVE-2019-1576

Palo Alto PAN-OS: privilege escalation via CLI Command Injection

Synthesis of the vulnerability

An attacker can bypass restrictions via CLI Command Injection of Palo Alto PAN-OS, in order to escalate his privileges.
Severity: 2/4.
Creation date: 16/07/2019.
Identifiers: CERTFR-2019-AVI-335, CVE-2019-1576, PAN-SA-2019-0018, VIGILANCE-VUL-29783.

Description of the vulnerability

An attacker can bypass restrictions via CLI Command Injection of Palo Alto PAN-OS, in order to escalate his privileges.

cybersecurity bulletin CVE-2018-12126 CVE-2018-12127 CVE-2018-12130

Intel processors: information disclosure via performance measurement

Synthesis of the vulnerability

An attacker can measure the performance of his process, in order to get sensitive information about other processes or, if the host is virtualized, about other guest systems.
Severity: 1/4.
Number of vulnerabilities in this bulletin: 4.
Creation date: 15/05/2019.
Revision date: 15/05/2019.
Identifiers: 1074268, 1103481, CERTFR-2019-AVI-209, CERTFR-2019-AVI-211, CERTFR-2019-AVI-212, CERTFR-2019-AVI-213, CERTFR-2019-AVI-215, CERTFR-2019-AVI-217, CERTFR-2019-AVI-229, CERTFR-2019-AVI-230, CERTFR-2019-AVI-233, CERTFR-2019-AVI-311, CERTFR-2019-AVI-458, CERTFR-2019-AVI-489, CTX251995, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091, DLA-1787-1, DLA-1789-1, DLA-1789-2, DLA-1799-1, DLA-1799-2, DSA-4444-1, DSA-4447-1, DSA-4447-2, FEDORA-2019-0731828893, FEDORA-2019-1f5832fc0e, FEDORA-2019-640f8d8dd1, FEDORA-2019-6458474bf2, FEDORA-2019-c36afa818c, FEDORA-2019-e6bf55e821, FEDORA-2019-eb08fb0c5f, FG-IR-18-002, FreeBSD-SA-19:07.mds, FreeBSD-SA-19:26.mcu, HPESBHF03933, INTEL-SA-00233, openSUSE-SU-2019:1402-1, openSUSE-SU-2019:1403-1, openSUSE-SU-2019:1404-1, openSUSE-SU-2019:1405-1, openSUSE-SU-2019:1407-1, openSUSE-SU-2019:1408-1, openSUSE-SU-2019:1419-1, openSUSE-SU-2019:1420-1, openSUSE-SU-2019:1468-1, openSUSE-SU-2019:1505-1, openSUSE-SU-2019:1805-1, openSUSE-SU-2019:1806-1, PAN-SA-2019-0012, RHSA-2019:1155-01, RHSA-2019:1167-01, RHSA-2019:1168-01, RHSA-2019:1169-01, RHSA-2019:1170-01, RHSA-2019:1171-01, RHSA-2019:1172-01, RHSA-2019:1174-01, RHSA-2019:1175-01, RHSA-2019:1176-01, RHSA-2019:1177-01, RHSA-2019:1178-01, RHSA-2019:1180-01, RHSA-2019:1181-01, RHSA-2019:1182-01, RHSA-2019:1183-01, RHSA-2019:1184-01, RHSA-2019:1185-01, RHSA-2019:1186-01, RHSA-2019:1187-01, RHSA-2019:1188-01, RHSA-2019:1189-01, RHSA-2019:1190-01, RHSA-2019:1193-01, RHSA-2019:1194-01, RHSA-2019:1195-01, RHSA-2019:1196-01, RHSA-2019:1197-01, RHSA-2019:1198-01, SB10292, SSA-608355, SSA-616472, SUSE-SU-2019:1235-1, SUSE-SU-2019:1236-1, SUSE-SU-2019:1238-1, SUSE-SU-2019:1239-1, SUSE-SU-2019:1240-1, SUSE-SU-2019:1241-1, SUSE-SU-2019:1242-1, SUSE-SU-2019:1243-1, SUSE-SU-2019:1244-1, SUSE-SU-2019:1245-1, SUSE-SU-2019:1248-1, SUSE-SU-2019:1268-1, SUSE-SU-2019:1269-1, SUSE-SU-2019:1272-1, SUSE-SU-2019:1287-1, SUSE-SU-2019:1289-1, SUSE-SU-2019:1296-1, SUSE-SU-2019:1313-1, 
SUSE-SU-2019:1347-1, SUSE-SU-2019:1348-1, SUSE-SU-2019:1349-1, SUSE-SU-2019:1356-1, SUSE-SU-2019:1371-1, SUSE-SU-2019:14048-1, SUSE-SU-2019:14051-1, SUSE-SU-2019:14052-1, SUSE-SU-2019:14063-1, SUSE-SU-2019:14133-1, SUSE-SU-2019:1423-1, SUSE-SU-2019:1438-1, SUSE-SU-2019:1452-1, SUSE-SU-2019:1490-1, SUSE-SU-2019:1547-1, SUSE-SU-2019:1550-1, SUSE-SU-2019:1909-1, SUSE-SU-2019:1910-1, SUSE-SU-2019:1954-1, SUSE-SU-2019:2430-1, Synology-SA-19:24, USN-3977-1, USN-3977-2, USN-3977-3, USN-3978-1, USN-3979-1, USN-3980-1, USN-3981-1, USN-3981-2, USN-3982-1, USN-3982-2, USN-3983-1, USN-3983-2, USN-3984-1, USN-3985-1, USN-3985-2, VIGILANCE-VUL-29300, VMSA-2019-0008, XSA-297, ZombieLoad.

Description of the vulnerability

An attacker can measure the performance of his process, in order to get sensitive information about other processes or, if the host is virtualized, about other guest systems.

computer threat note CVE-2019-8912

Linux kernel: use after free via af_alg_release

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via af_alg_release() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 19/02/2019.
Identifiers: CERTFR-2019-AVI-131, CERTFR-2019-AVI-145, CERTFR-2019-AVI-335, CVE-2019-8912, FEDORA-2019-16de0047d4, FEDORA-2019-7bdeed7fc5, openSUSE-SU-2019:1193-1, PAN-SA-2019-0017, SUSE-SU-2019:0765-1, SUSE-SU-2019:0767-1, USN-3930-1, USN-3930-2, USN-3931-1, USN-3931-2, VIGILANCE-VUL-28540.

Description of the vulnerability

An attacker can force the usage of a freed memory area via af_alg_release() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.

vulnerability CVE-2019-1566

Palo Alto PAN-OS: Cross Site Scripting via Management Web Interface

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting via Management Web Interface of Palo Alto PAN-OS, in order to run JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 24/01/2019.
Identifiers: CVE-2019-1566, PAN-SA-2019-0002, VIGILANCE-VUL-28362.

Description of the vulnerability

The Palo Alto PAN-OS product offers a web service.

However, it does not filter data received via the Management Web Interface before inserting it into generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting via Management Web Interface of Palo Alto PAN-OS, in order to run JavaScript code in the context of the web site.

cybersecurity threat CVE-2019-1565

Palo Alto PAN-OS: Cross Site Scripting via External Dynamic Lists

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting via External Dynamic Lists of Palo Alto PAN-OS, in order to run JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 24/01/2019.
Identifiers: CVE-2019-1565, PAN-SA-2019-0001, VIGILANCE-VUL-28361.

Description of the vulnerability

The Palo Alto PAN-OS product offers a web service.

However, it does not filter data received via External Dynamic Lists before inserting it into generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting via External Dynamic Lists of Palo Alto PAN-OS, in order to run JavaScript code in the context of the web site.

computer vulnerability alert CVE-2018-10141

Palo Alto PAN-OS: Cross Site Scripting via GlobalProtect Portal Login

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting via GlobalProtect Portal Login of Palo Alto PAN-OS, in order to run JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 12/10/2018.
Identifiers: CVE-2018-10141, PAN-99830, PAN-SA-2018-0014, VIGILANCE-VUL-27494.

Description of the vulnerability

The Palo Alto PAN-OS product offers a web service.

However, it does not filter data received via the GlobalProtect Portal Login before inserting it into generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting via GlobalProtect Portal Login of Palo Alto PAN-OS, in order to run JavaScript code in the context of the web site.

security announcement CVE-2018-18065

Net-SNMP: denial of service via GetNext PDU Multiple Varbinds

Synthesis of the vulnerability

An attacker can generate a fatal error via GetNext PDU Multiple Varbinds of Net-SNMP, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 09/10/2018.
Identifiers: bulletinoct2018, CVE-2018-18065, DLA-1540-1, DSA-4314-1, FEDORA-2018-042156f164, NTAP-20181107-0001, openSUSE-SU-2018:3381-1, openSUSE-SU-2018:3508-1, PAN-SA-2019-0007, SUSE-SU-2018:3319-1, SUSE-SU-2018:3333-1, SUSE-SU-2018:3447-1, USN-3792-1, USN-3792-2, USN-3792-3, VIGILANCE-VUL-27441.

Description of the vulnerability

An attacker can generate a fatal error via GetNext PDU Multiple Varbinds of Net-SNMP, in order to trigger a denial of service.

cybersecurity bulletin CVE-2018-14634

Linux kernel: integer overflow via create_elf_tables

Synthesis of the vulnerability

An attacker can generate an integer overflow via create_elf_tables() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 26/09/2018.
Identifiers: CERTFR-2018-AVI-457, CERTFR-2018-AVI-459, CERTFR-2018-AVI-460, CERTFR-2018-AVI-462, CERTFR-2018-AVI-478, CERTFR-2018-AVI-480, CERTFR-2018-AVI-567, CERTFR-2019-AVI-188, CERTFR-2019-AVI-242, CVE-2018-14634, DLA-1529-1, JSA10917, K20934447, PAN-SA-2019-0006, RHSA-2018:2748-01, RHSA-2018:2763-01, RHSA-2018:2846-01, RHSA-2018:2924-01, RHSA-2018:2925-01, RHSA-2018:2933-01, RHSA-2018:3540-01, RHSA-2018:3586-01, RHSA-2018:3590-01, RHSA-2018:3591-01, RHSA-2018:3643-01, SUSE-SU-2018:2879-1, SUSE-SU-2018:2907-1, SUSE-SU-2018:2908-1, SUSE-SU-2018:2908-2, SUSE-SU-2018:3083-1, SUSE-SU-2018:3088-1, USN-3775-1, USN-3775-2, USN-3779-1, VIGILANCE-VUL-27320.

Description of the vulnerability

An attacker can generate an integer overflow via create_elf_tables() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.