Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1
CVE-2021-27933
- EPSS 1.46%
- Published 28.04.2021 07:15:07
- Last modified 21.11.2024 05:58:51
pfSense 2.5.0 allows XSS via the services_wol_edit.php Description field.
- EPSS 78.29%
- Published 22.01.2018 04:29:00
- Last modified 21.11.2024 02:44:33
pfSense before 2.3 allows remote authenticated users to execute arbitrary OS commands via a '|' character in the status_rrd_graph_img.php graph parameter, related to _rrd_graph_img.php.
7.5
CVE-2011-4197
- EPSS 0.9%
- Published 03.01.2012 19:55:03
- Last modified 11.04.2025 00:51:21
etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 creates each X.509 certificate with a true value for the CA basic constraint, which allows remote attackers to create sub-certificates for arbitrary subjects by leveraging the privat...
4.3
CVE-2011-5047
- EPSS 0.33%
- Published 03.01.2012 19:55:03
- Last modified 11.04.2025 00:51:21
Cross-site scripting (XSS) vulnerability in status_rrd_graph.php in pfSense before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the style parameter.