Pfsense - Pfsense CVE

Filtered by vendor Pfsense Subscribe

Filtered by product Pfsense

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2011-4197	1 Pfsense	1 Pfsense	2017-08-29	7.5 HIGH	N/A
etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 creates each X.509 certificate with a true value for the CA basic constraint, which allows remote attackers to create sub-certificates for arbitrary subjects by leveraging the private key.
CVE-2011-5047	1 Pfsense	1 Pfsense	2017-08-29	4.3 MEDIUM	N/A
Cross-site scripting (XSS) vulnerability in status_rrd_graph.php in pfSense before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the style parameter.

Vulnerabilities (CVE)