📦

snort_package

Vendor: pfsense

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 6 Total Indexed

Avg. EPSS 0.05% Exploit Prob.

Latest CVE CVE-2014-4695 Jul 02

Security Vulnerability Index

Page 1 / 1

5.8 CVSS

CVE-2014-4695

Multiple open redirect vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to snort_rules_flowbits.php or (2) the returl parameter to snort_select_alias.php.

EPSS: 0.05%

Severity: MEDIUM

Jul 02, 2014

4.3 CVSS

CVE-2014-4693

Multiple cross-site scripting (XSS) vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the eng parameter to snort_import_aliases.php or (2) unspecified variables to snort_select_alias.php.

EPSS: 0.05%

Severity: MEDIUM

Jul 02, 2014

Displaying 2 of 6 Total Entries

Total 1 Sections