Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netgate vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2019-11816
Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense prior to 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request.
Netgate Pfsense
Netgate Pfsense 2.4.4
Opnsense Opnsense
6.1
CVSSv3
CVE-2019-12584
Apcupsd 0.3.91_5, as used in pfSense up to and including 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php.
Apcupsd Apcupsd 0.3.91 5
Netgate Pfsense 2.4.4
Netgate Pfsense
9.8
CVSSv3
CVE-2019-12585
Apcupsd 0.3.91_5, as used in pfSense up to and including 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsd_status.php.
Apcupsd Apcupsd 0.3.91 5
Netgate Pfsense 2.4.4
Netgate Pfsense
9.6
CVSSv3
CVE-2020-21487
Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows malicious users to execute arbitrary code via the RootFolder field of acme_certificates.php.
Netgate Pfsense 2.4.4
Netgate Pfsense Acme Package 0.6.3
NA
CVE-2014-4693
Multiple cross-site scripting (XSS) vulnerabilities in the Snort package prior to 3.0.13 for pfSense up to and including 2.1.4 allow remote malicious users to inject arbitrary web script or HTML via (1) the eng parameter to snort_import_aliases.php or (2) unspecified variables to...
Netgate Pfsense
Netgate Pfsense 2.1.3
Pfsense Snort Package
NA
CVE-2014-4695
Multiple open redirect vulnerabilities in the Snort package prior to 3.0.13 for pfSense up to and including 2.1.4 allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to snort_rules_flowbits.php or (2) th...
Pfsense Snort Package
Netgate Pfsense 2.1.3
Netgate Pfsense
NA
CVE-2014-4694
Multiple cross-site scripting (XSS) vulnerabilities in suricata_select_alias.php in the Suricata package prior to 1.0.6 for pfSense up to and including 2.1.4 allow remote malicious users to inject arbitrary web script or HTML via unspecified variables.
Pfsense Suricata Package
Netgate Pfsense 2.1.3
Netgate Pfsense
NA
CVE-2014-4696
Multiple open redirect vulnerabilities in the Suricata package prior to 1.0.6 for pfSense up to and including 2.1.4 allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to suricata_rules_flowbits.php or (...
Netgate Pfsense
Pfsense Suricata Package
Netgate Pfsense 2.1.3
8.8
CVSSv3
CVE-2018-16055
An authenticated command injection vulnerability exists in status_interfaces.php via dhcp_relinquish_lease() in pfSense prior to 2.4.4 due to its passing user input from the $_POST parameters "ifdescr" and "ipv" to a shell without escaping the contents of the ...
Netgate Pfsense
NA
CVE-2015-4029
Cross-site scripting (XSS) vulnerability in the WebGUI in pfSense prior to 2.2.3 allows remote malicious users to inject arbitrary web script or HTML via the zone parameter in a del action to services_captiveportal_zones.php.
Netgate Pfsense
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »