4 matches found
PT-2025-44568
Name of the Vulnerable Software and Affected Versions: Netgate pfSense CE Suricata (affected versions not specified)
Description: This issue allows remote attackers to create arbitrary files on affected installations. Authentication is required for exploitation. The flaw is due to insufficient...
EUVD-2025-27464
Malicious code in bioql PyPI...
CVE-2025-34178
In pfSense CE /suricata/suricataappparsers.php, the value of the policyname parameter is not sanitized of HTML-related strings/characters before being directly displayed. This can result in stored cross-site scripting. The attacker must be authenticated with at least "WebCfg - Services: suricata...
CVE-2025-34176
Summary of impact: CVE-2025-34176 affects pfSense CE with the Suricata package, where the iplist parameter in /suricata/suricata_ip_reputation.php is not sanitized against directory-traversal strings. This leads to a file existence check that reveals whether a file exists, enabling authenticated...