Product
paloaltonetworks globalprotect
34 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-4227
>= 6.0.0 and < 6.2.8
An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs.paloaltonetworks.com/globalprote
3.5
LOW
CVE-2025-4232
>= 6.0.0 and < 6.2.8
An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on
8.8
HIGH
CVE-2025-0135
>= 6.0.0 and < 6.2.8
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally
3.3
LOW
CVE-2025-0120
>= 6.0.0 and < 6.0.12
A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a l
7.0
HIGH
CVE-2025-0118
>= 6.0.0 and < 6.0.11
A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the
8.0
HIGH
CVE-2024-5921
>= 6.1.0 and < 6.1.6
An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the Global
8.8
HIGH
CVE-2024-9473
>= 5.1 and < 6.2.5
A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-adm
7.8
HIGH
CVE-2024-8687
>= 5.1.0 and < 5.1.12
An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn
7.1
HIGH
CVE-2024-5915
>= 5.1.0 and <= 5.1.9
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to e
7.8
HIGH
CVE-2024-5908
>= 5.1 and < 5.1.12
A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting
7.5
HIGH
CVE-2024-3661
all versions
DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that r
7.6
HIGH
CVE-2024-2432
>= 5.1.0 and < 5.1.12
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to e
4.5
MEDIUM
CVE-2024-2431
>= 5.1.0 and < 5.1.12
An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurati
5.5
MEDIUM
CVE-2023-0009
< 5.2.13
A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to exe
7.8
HIGH
CVE-2023-0006
>= 5.2.0 and < 5.2.13
A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system
6.3
MEDIUM
CVE-2022-0021
>= 5.2 and < 5.2.9
An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the
3.3
LOW
CVE-2022-0019
>= 5.1 and < 5.1.10
An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the
4.7
MEDIUM
CVE-2022-0018
>= 5.1 and < 5.1.10
An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credential
6.1
MEDIUM
CVE-2022-0017
>= 5.1 and < 5.1.10
An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app
7.0
HIGH
CVE-2022-0016
>= 5.2 and < 5.2.9
An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Netwo
7.4
HIGH
CVE-2021-3057
>= 5.0 and <= 5.0.8
A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle at
8.1
HIGH
CVE-2021-3038
>= 5.1.0 and < 5.1.8
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user t
5.5
MEDIUM
CVE-2020-2033
>= 5.0.0 and < 5.0.10
When the pre-logon feature is enabled, a missing certification validation in Palo Alto Networks GlobalProtect app can disclose the
5.3
MEDIUM
CVE-2020-2032
>= 5.0.0 and < 5.0.10
A race condition vulnerability in Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute prog
7.0
HIGH
CVE-2020-2004
>= 5.0.0 and < 5.0.9
Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected
6.8
MEDIUM
CVE-2020-1989
>= 5.0 and < 5.0.8
An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect A
7.0
HIGH
CVE-2020-1988
>= 4.1.0 and < 4.1.13
An unquoted search path vulnerability in the Windows release of Global Protect Agent allows an authenticated local user with file
4.2
MEDIUM
CVE-2020-1987
>= 5.0 and < 5.0.9
An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authentic
3.9
LOW
CVE-2020-1976
>= 5.0 and <= 5.0.5
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local
4.7
MEDIUM
CVE-2019-17436
<= 5.0.4
A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and earlier and vers
7.1
HIGH
CVE-2019-17435
<= 5.0.3
A Local Privilege Escalation vulnerability exists in the GlobalProtect Agent for Windows 5.0.3 and earlier, and GlobalProtect Agen
5.5
MEDIUM
CVE-2019-1573
<= 4.1.10
GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacke
2.5
LOW
CVE-2017-15870
<= 4.0.2
Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers with administration rights on the local station to gain SYSTE
6.7
MEDIUM
CVE-2012-6606
<= 1.1.6
Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows m
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin