EUVD-2020-11110

Malware in sbrugna...

EUVD-2020-11108

Malware in sbrugna...

CVE-2022-24299

Improper input validation vulnerability in pfSense CE and pfSense Plus pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01 allows a remote attacker with the privilege to change OpenVPN client or server settings to execute an arbitrary command...

Netgate pfSense CE 跨站脚本漏洞

Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate, Inc. that supports enterprise-class network security and network management features. A security vulnerability exists in Netgate pfSense CE prior to version 2.8.0 beta, which stems from a cross-site...

CVE-2020-19203

An authenticated Cross-Site Scripting XSS vulnerability was found in widgets/widgets/wakeonlanwidget.php, a component of the pfSense software WebGUI, on version 2.4.4-p2 and earlier. The widget did not encode the descr description parameter of wake-on-LAN entries in its output, leading to a...

CVE-2020-19201

A Stored Cross-Site Scripting XSS vulnerability was found in statusfilterreload.php, a page in the pfSense software WebGUI, on Netgate pfSense version 2.4.4-p2 and earlier. The page did not encode output from the filter reload process, and a stored XSS was possible via the descr description...

CVE-2020-19203

An authenticated Cross-Site Scripting XSS vulnerability was found in widgets/widgets/wakeonlanwidget.php, a component of the pfSense software WebGUI, on version 2.4.4-p2 and earlier. The widget did not encode the descr description parameter of wake-on-LAN entries in its output, leading to a...