17 matches found
EUVD-2018-13341
Malware in sbrugna...
EUVD-2023-30884
Malicious code in bioql PyPI...
CVE-2023-27100
Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CE software v2.6.0 allows attackers to bypass brute force protection mechanisms via crafted web requests...
Exploit for Improper Restriction of Excessive Authentication Attempts in Netgate Pfsense_Plus
CVE-2023-27100 - pfSense Anti-brute force protection bypass...
CVE-2023-27100
Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CE software v2.6.0 allows attackers to bypass brute force protection mechanisms via crafted web requests...
CVE-2023-27100
Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CE software v2.6.0 allows attackers to bypass brute force protection mechanisms via crafted web requests...
Input validation
Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CE software v2.6.0 allows attackers to bypass brute force protection mechanisms via crafted web requests...
CVE-2023-27100
The CVE affects Netgate pfSense Plus v22.05.1 and pfSense CE v2.6.0, where the SSHGuard anti-brute force protection can be bypassed via crafted web requests due to an improper restriction of excessive authentication attempts. Public details in connected documents confirm the affected versions and...
CVE-2023-27100
Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CE software v2.6.0 allows attackers to bypass brute force protection mechanisms via crafted web requests...
CVE-2023-27100
Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CE software v2.6.0 allows attackers to bypass brute force protection mechanisms via crafted web requests...
PT-2023-20955 · Netgate · Pfsense Ce +1
Name of the Vulnerable Software and Affected Versions: pfSense Plus software version 22.05.1 pfSense CE software version 2.6.0 Description: The issue is related to improper restriction of excessive authentication attempts in the SSHGuard component, allowing attackers to bypass brute force...
pfSense < 2.4.4-p3 Multiple Vulnerabilities
According to its self-reported version number, the remote pfSense install is a version prior to 2.4.4-p3. It is, therefore, affected by multiple vulnerabilities, including the following: - In pfSense 2.4.41, blocking of source IP addresses on the basis of failed HTTPS authentication is inconsiste...
Design/Logic Flaw
The expiretable configuration in pfSense 2.4.41 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions...
CVE-2018-20799
In pfSense 2.4.41, blocking of source IP addresses on the basis of failed HTTPS authentication is inconsistent with blocking of source IP addresses on the basis of failed SSH authentication the behavior does not match the sshguard documentation, which might make it easier for attackers to bypass...
CVE-2018-20798
The expiretable configuration in pfSense 2.4.41 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions...
CVE-2018-20798
The expiretable configuration in pfSense 2.4.41 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions...
CVE-2018-20798
pfSense 2.4.4_1 is affected by CVE-2018-20798 due to an expiretable configuration that creates block durations incompatible with sshguard, potentially allowing bypass of access restrictions. The issue is described in the NVD entry for the CVE and echoed by Nessus notes referencing pfSense 2.4.4-p...