Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-27468

Malicious code in bioql PyPI...

5.1CVSS6.6AI score0.00047EPSS
Exploits0References4
OSV
OSVadded 2025/09/09 8:15 p.m.2 views

CVE-2025-34174

In pfSense CE /usr/local/www/statustraffictotals.php, the value of the start-day parameter is not ensured to be a numeric value or sanitized of HTML-related characters/strings before being directly displayed in the input box. This value can be saved as the default value to be displayed to all use...

5.4CVSS6.1AI score
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/09/09 8:2 p.m.2 views

CVE-2025-34174 Netgate pfSense CE Status_Traffic_Totals Package v2.3.2_7 Stored Cross-Site Scripting

In pfSense CE /usr/local/www/statustraffictotals.php, the value of the start-day parameter is not ensured to be a numeric value or sanitized of HTML-related characters/strings before being directly displayed in the input box. This value can be saved as the default value to be displayed to all use...

5.1CVSS5.7AI score0.00047EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/09/09 8:2 p.m.4 views

CVE-2025-34174 Netgate pfSense CE Status_Traffic_Totals Package v2.3.2_7 Stored Cross-Site Scripting

In pfSense CE /usr/local/www/statustraffictotals.php, the value of the start-day parameter is not ensured to be a numeric value or sanitized of HTML-related characters/strings before being directly displayed in the input box. This value can be saved as the default value to be displayed to all use...

5.1CVSS0.00047EPSS
Exploits0References3
CVE
CVEadded 2025/09/09 8:2 p.m.12 views

CVE-2025-34174

The CVE affects pfSense CE in the Status Traffic Totals feature: /usr/local/www/status_traffic_totals.php processes the start-day parameter. The parameter is not validated as numeric nor sanitized for HTML, allowing the value to be saved as the default display for all users, which triggers stored...

5.4CVSS5.5AI score0.00047EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologiesadded 2025/09/09 12:0 a.m.3 views

PT-2025-36941

Name of the Vulnerable Software and Affected Versions: pfSense CE affected versions not specified Description: The start-day parameter in /usr/local/www/status traffic totals.php does not undergo proper validation to ensure it is a numeric value or sanitized of HTML-related characters before bein...

5.1CVSS5.2AI score0.00047EPSS
Exploits0References4
CNNVD
CNNVDadded 2025/09/09 12:0 a.m.2 views

Netgate pfSense CE 安全漏洞

Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate, Inc. that supports enterprise-class network security and network management features. A security vulnerability exists in Netgate pfSense CE that stems from the start-day parameter not validating as a...

5.4CVSS5.8AI score0.00047EPSS
Exploits0References4
Rows per page
Query Builder