Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Pfsense
(Pfsense)| Repositories | https://github.com/bsdperimeter/pfsense |
| #Vulnerabilities | 14 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-04-28 | CVE-2021-27933 | pfSense 2.5.0 allows XSS via the services_wol_edit.php Description field. | Pfsense | 6.1 | ||
| 2018-01-22 | CVE-2016-10709 | pfSense before 2.3 allows remote authenticated users to execute arbitrary OS commands via a '|' character in the status_rrd_graph_img.php graph parameter, related to _rrd_graph_img.php. | Pfsense | 8.8 | ||
| 2012-01-03 | CVE-2011-5047 | Cross-site scripting (XSS) vulnerability in status_rrd_graph.php in pfSense before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the style parameter. | Pfsense | N/A | ||
| 2012-01-03 | CVE-2011-4197 | etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 creates each X.509 certificate with a true value for the CA basic constraint, which allows remote attackers to create sub-certificates for arbitrary subjects by leveraging the private key. | Pfsense | N/A |