5 matches found
CVE-2025-34182 Deciso OPNsense < 25.7.4 /interfaces_ppps_edit.php ptpid Stored XSS
In Deciso OPNsense before 25.7.4, when creating an "Interfaces: Devices: Point-to-Point" entry, the value of the parameter ptpid is not sanitized of HTML-related characters/strings. This value is directly displayed when visiting the page/interfacesassign.php, which can result in stored cross-site...
CVE-2025-34182
In Deciso OPNsense before 25.7.4, when creating an "Interfaces: Devices: Point-to-Point" entry, the value of the parameter ptpid is not sanitized of HTML-related characters/strings. This value is directly displayed when visiting the page/interfacesassign.php, which can result in stored cross-site...
UBUNTU-CVE-2021-47109
In the Linux kernel, the following vulnerability has been resolved: neighbour: allow NUDNOARP entries to be forced GCed IFFPOINTOPOINT interfaces use NUDNOARP entries for IPv6. It's possible to fill up the neighbour table with enough entries that it will overflow for valid connections after that...
CVE-2001-0969
ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw to allow connections from arbitrary remote hosts...
Security Advisory FreeBSD-SA-01:53.ipfw
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:53 Security Advisory FreeBSD, Inc. Topic: ipfw me' on P2P interfaces matches remote address Category: core Module: ipfw Announced: 2001-08-17 Credits: Igor M Podlesny...