Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Palo Alto Networks — Vulnerabilities & Security Advisories 280

Browse all 280 CVE security advisories affecting Palo Alto Networks. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Palo Alto Networks:PAN-OSCloud NGFWGlobalProtect AppCortex XDR AgentCortex XSOARCortex XDR Broker VMExpeditionPrisma Cloud ComputeGlobal Protect AgentPrisma BrowserTrapsCheckov by Prisma CloudAutonomous Digital Experience ManagerPrisma Access BrowserPalo Alto Networks PAN-OSBridgecrew CheckovPalo Alto Networks ExpeditionPrisma Cloud Compute EditionUser-ID Credential AgentPrisma SD-WANCortex XDR Microsoft 365 Defender PackPAN-OS OpenConfig PluginCortex XSOAR Microsoft Teams MarketplaceActiveMQ Content PackCortex XSOAR CommonScriptsVM-Series PluginGlobalProtectGlobalProtect Agent for Linux and OSXGlobalProtect Agent for WindowsMineMeld
CVE IDTitleCVSSSeverityPublished
CVE-2025-4232 GlobalProtect: Authenticated Code Injection Through Wildcard on macOS — GlobalProtect AppCWE-155 7.8AIHighAI2025-06-12
CVE-2025-4233 Prisma Access Browser: Inappropriate implementation in Cache — Prisma Access BrowserCWE-524 7.5AIHighAI2025-06-12
CVE-2025-0136 PAN-OS: Unencrypted Data Transfer when using AES-128-CCM on Intel-based hardware devices — Cloud NGFWCWE-319 7.5AIHighAI2025-05-14
CVE-2025-0138 Prisma Cloud Compute Edition: Insufficient Session Expiration Vulnerability in the Web Interface — Prisma Cloud Compute EditionCWE-613 9.4AICriticalAI2025-05-14
CVE-2025-0137 PAN-OS: Improper Neutralization of Input in the Management Web Interface — Cloud NGFWCWE-83 7.2AIHighAI2025-05-14
CVE-2025-0135 GlobalProtect App on macOS: Non Admin User Can Disable the GlobalProtect App — GlobalProtect AppCWE-266 7.1AIHighAI2025-05-14
CVE-2025-0134 Cortex XDR Broker VM: Authenticated Code Injection Vulnerability in Broker VM — Cortex XDR Broker VMCWE-94 8.8AIHighAI2025-05-14
CVE-2025-0133 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Gateway and Portal — Cloud NGFWCWE-79 6.1AIMediumAI2025-05-14
CVE-2025-0132 Cortex XDR Broker VM: Unauthenticated User Can Disable Internal Services — Cortex XDR Broker VMCWE-306 5.3AIMediumAI2025-05-14
CVE-2025-0130 PAN-OS: Firewall Denial-of-Service (DoS) in the Web-Proxy Feature via a Burst of Maliciously Crafted Packets — Cloud NGFWCWE-754 7.5AIHighAI2025-05-14
CVE-2025-0129 Prisma Access Browser: Inappropriate control behavior in Prisma Access Browser — Prisma Access BrowserCWE-754 8.8AIHighAI2025-04-11
CVE-2025-0123 PAN-OS: Information Disclosure Vulnerability in HTTP/2 Packet Captures — Cloud NGFWCWE-312 4.9AIMediumAI2025-04-11
CVE-2025-0119 Cortex XDR Broker VM: Authenticated Command Injection Vulnerability in Broker VM — Cortex XDR Broker VMCWE-78 8.8AIHighAI2025-04-11
CVE-2025-0128 PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet — Cloud NGFWCWE-754 7.5AIHighAI2025-04-11
CVE-2025-0127 PAN-OS: Authenticated Admin Command Injection Vulnerability in PAN-OS VM-Series — Cloud NGFWCWE-78 7.2AIHighAI2025-04-11
CVE-2025-0126 PAN-OS: Session Fixation Vulnerability in GlobalProtect SAML Login — Cloud NGFWCWE-384 8.8AIHighAI2025-04-11
CVE-2025-0125 PAN-OS: Improper Neutralization of Input in the Management Web Interface — Cloud NGFWCWE-83 7.2AIHighAI2025-04-11
CVE-2025-0124 PAN-OS: Authenticated File Deletion Vulnerability on the Management Web Interface — Cloud NGFWCWE-73 7.1AIHighAI2025-04-11
CVE-2025-0122 Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through Burst of Crafted Packets — Prisma SD-WANCWE-770 6.5AIMediumAI2025-04-11
CVE-2025-0121 Cortex XDR Agent: Local Windows User Can Crash the Agent — Cortex XDR AgentCWE-476 7.1AIHighAI2025-04-11
CVE-2025-0120 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability — GlobalProtect AppCWE-250 7.0AIHighAI2025-04-11
CVE-2025-0118 GlobalProtect App: Execution of Unsafe ActiveX Control Vulnerability — GlobalProtect AppCWE-618 8.8 -2025-03-12
CVE-2025-0117 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability — GlobalProtect AppCWE-807 7.8 -2025-03-12
CVE-2025-0116 PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted LLDP Frame — PAN-OSCWE-754 6.5 -2025-03-12
CVE-2025-0115 PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI — PAN-OSCWE-41 4.9 -2025-03-12
CVE-2025-0114 PAN-OS: Denial of Service (DoS) in GlobalProtect — PAN-OSCWE-400 7.5 -2025-03-12
CVE-2025-0112 Cortex XDR Agent: Local Windows User Can Disable the Agent — Cortex XDR AgentCWE-754 7.8 -2025-02-19
CVE-2025-0113 Cortex XDR Broker VM: Unauthorized Access to Broker VM Docker Containers — Cortex XDR Broker VMCWE-424 7.4 -2025-02-12
CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin — PAN-OS OpenConfig PluginCWE-78 7.2 -2025-02-12
CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface — Cloud NGFWCWE-73 6.5 -2025-02-12

This page lists every published CVE security advisory associated with Palo Alto Networks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.