CVE-2025-0130

HIGH Year: 2025
Weakness Type
CWE-754
View all →

Vulnerability Description

A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this condition will cause the firewall to enter maintenance mode. This issue does not affect Cloud NGFW or Prisma Access.

Related Vulnerabilities

CVE-2021-0211

CRITICAL
CVSS:10.0(Critical)

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon (RPD) service allows an attacker to send a valid BGP FlowSpec message ...

CWE-7542021

CVE-2017-20166

CRITICAL
CVSS:9.8(Critical)

Ecto 2.2.0 lacks a certain protection mechanism associated with the interaction between is_nil and raise.

CWE-7542017

CVE-2019-19646

CRITICAL
CVSS:9.8(Critical)

pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.

CWE-7542019

CVE-2020-10571

CRITICAL
CVSS:9.8(Critical)

An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data.

CWE-7542020

CVE-2020-28037

CRITICAL
CVSS:9.8(Critical)

is_blog_installed in wp-includes/functions.php in WordPress before 5.5.2 improperly determines whether WordPress is already installed, which might allow an attacker to perform a new installation, lead...

CWE-7542020

CVE-2020-8986

CRITICAL
CVSS:9.8(Critical)

lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta failed to properly check for equality when validating the session cookie, allowing an attacker to gain administrative access with a large number of re...

CWE-7542020