Filtered by vendor Pfsense Subscriptions
Total 22 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2011-4197 1 Pfsense 1 Pfsense 2024-11-21 N/A
etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 creates each X.509 certificate with a true value for the CA basic constraint, which allows remote attackers to create sub-certificates for arbitrary subjects by leveraging the private key.
CVE-2024-46538 2 Netgate, Pfsense 2 Pfsense, Pfsense 2024-10-30 9.3 Critical
A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_edit.php.