Approved changes feed: RSS · Atom
cpe:2.3:a:palo_alto_networks:panorama:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Palo Alto Networks (b3fb2ed8-9543-594b-b76a-18c6d89c012d) |
|---|---|
| Product | Panorama (91e4bf37-62d6-5555-aa87-37b5c48f506e) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-0107 |
not_vulnerable | 2026-06-03 14:58:23.312664 |
Expedition: OS Command Injection Vulnerability
An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software.
Published: 2025-01-11T03:02:49.517Z
Updated: 2025-01-24T04:56:01.054Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0106 |
not_vulnerable | 2026-06-03 14:58:23.311899 |
Expedition: Wildcard Expansion Vulnerability
A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem.
Published: 2025-01-11T03:02:24.574Z
Updated: 2025-01-13T19:48:42.286Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0105 |
not_vulnerable | 2026-06-03 14:58:23.310967 |
Expedition: Arbitrary File Deletion Vulnerability
An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem.
Published: 2025-01-11T03:01:24.168Z
Updated: 2025-01-13T19:50:31.391Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0104 |
not_vulnerable | 2026-06-03 14:58:23.310229 |
Expedition: Cross-Site Scripting (XSS) Vulnerability
A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user’s browser if that authenticated user clicks a malicious link that allows phishing attacks and could lead to Expedition browser-session theft.
Published: 2025-01-11T03:00:40.318Z
Updated: 2025-01-13T19:51:27.183Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0103 |
not_vulnerable | 2026-06-03 14:58:23.309218 |
Expedition: SQL Injection Vulnerability
An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on the Expedition system.
Published: 2025-01-11T02:59:51.177Z
Updated: 2025-01-13T19:52:47.949Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.