CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2016-3656
https://notcve.org/view.php?id=CVE-2016-3656
12 Apr 2016 — The GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote attackers to cause a denial of service (service crash) via a crafted request. El GlobalProtect Portal en Palo Alto Networks PAN-OS en versiones anteriores a 5.0.18, 6.0.x en versiones anteriores a 6.0.13, 6.1.x en versiones anteriores a 6.1.10 y 7.0.x en versiones anteriores a 7.0.5H2 permite a atacantes remotos provocar una denegación de servicio (caída de se... • https://security.paloaltonetworks.com/CVE-2016-3656 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 3%CPEs: 5EXPL: 0CVE-2016-3657
https://notcve.org/view.php?id=CVE-2016-3657
12 Apr 2016 — Buffer overflow in the GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to cause a denial of service (device crash) or possibly execute arbitrary code via an SSL VPN request. Desbordamiento de buffer en el GlobalProtect Portal en Palo Alto Networks PAN-OS en versiones anteriores a 5.0.18, 6.0.x en versiones anteriores a 6.0.13, 6.1.x en versiones anteriores a 6.1.10 y 7.0.x en versiones anteriores a 7.0.... • https://security.paloaltonetworks.com/CVE-2016-3657 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.9EPSS: 0%CPEs: 13EXPL: 0CVE-2015-4162
https://notcve.org/view.php?id=CVE-2015-4162
02 Jun 2015 — XML external entity (XXE) vulnerability in the management interface in PAN-OS before 5.0.16, 6.x before 6.0.8, and 6.1.x before 6.1.4 allows remote authenticated administrators to obtain sensitive information via crafted XML data. Vulnerabilidad de entidad externa XML (XXE) en la interfaz de gestión en PAN-OS anterior a 5.0.16, 6.x anterior a 6.0.8, y 6.1.x anterior a 6.1.4 permite a administradores remotos autenticados obtener información sensible a través de datos XML manipulados. • http://www.securityfocus.com/bid/74941 •
CVSS: 6.1EPSS: 0%CPEs: 17EXPL: 0CVE-2014-3764
https://notcve.org/view.php?id=CVE-2014-3764
06 Jan 2015 — Cross-site scripting (XSS) vulnerability in the web-based device management interface in Palo Alto Networks PAN-OS before 5.0.15, 5.1.x before 5.1.10, and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Ref ID 64563. Vulnerabilidad de XSS en la interfaz de gestión de dispositivos basados en web en Palo Alto Networks PAN-OS anterior a 5.0.15, 5.1.x anterior a 5.1.10, y 6.0.x anterior a 6.0.6 permite a atacantes remotos inyectar secuencias de coma... • http://secunia.com/advisories/61811 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •