CVE-2021-27933

pfSense 2.5.0 allows XSS via the serviceswoledit.php Description field...

CVE-2022-42247

pfSense v2.5.2 was discovered to contain a cross-site scripting XSS vulnerability in the browser.php component. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a file name...

CVE-2019-16701

pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.execphp call containing shell metacharacters in a parameter value...

CVE-2019-16915

An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization e.g., a basename call for a pathname to filegetcontents or fileputcontents...

CVE-2019-12949

In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick an authenticated administrator into clicking on a button on a phishing page, an attacker can leverage XSS to upload arbitrary executable code, via diagcommand.php and rrdfetchjson.php timePeriod parameter, to a server. Then, the remote...

EUVD-2019-7410

Malware in sbrugna...

EUVD-2014-4611

Malware in sbrugna...

EUVD-2011-4140

Malware in sbrugna...

EUVD-2015-4057

Malware in sbrugna...

EUVD-2015-6451

Malware in sbrugna...

EUVD-2014-4608

Malware in sbrugna...

EUVD-2020-3811

Malware in sbrugna...

EUVD-2021-14653

Malware in sbrugna...

EUVD-2008-1191

Malware in sbrugna...

EUVD-2011-4950

Malware in sbrugna...

EUVD-2014-4607

Malware in sbrugna...

EUVD-2022-30588

Malicious code in bioql PyPI...

EUVD-2022-45323

Malicious code in bioql PyPI...

EUVD-2022-29200

Malicious code in bioql PyPI...

EUVD-2022-28908

Malicious code in bioql PyPI...