
16813 matches found

EUVD
added 2025/10/28 3:30 p.m. | 6 views

EUVD-2025-36519

IPFire versions prior to 2.29 Core Update 198 contain multiple stored cross-site scripting (XSS) vulnerabilities caused by a bug in the cleanhtml function (/var/ipfire/header.pl) that fails to apply HTML-entity encoding to user input. When an authenticated user submits data to affected endpoints - fo...

CVSS 5.1 | AI score 5.5 | EPSS 0.00453
Exploits: 0 | References: 4

OSV
added 2025/10/28 3:16 p.m. | 5 views

CVE-2025-34317

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the TLSHOSTNAME parameter when adding a new DNS entry. When a user adds a DNS entry, the application issues an HT...

CVSS 5.4 | AI score 6 | EPSS 0.00453
Exploits: 0 | References: 3

NVD
added 2025/10/28 3:16 p.m. | 13 views

CVE-2025-34317

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the TLSHOSTNAME parameter when adding a new DNS entry. When a user adds a DNS entry, the application issues an HT...

CVSS 5.4 | EPSS 0.00453
Exploits: 0 | References: 3

NVD
added 2025/10/28 3:16 p.m. | 14 views

CVE-2025-34313

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the QUOTAUSERS parameter when creating a user quota rule. When a user adds a new user quota rule the application...

CVSS 5.4 | EPSS 0.00453
Exploits: 0 | References: 3

NVD
added 2025/10/28 3:16 p.m. | 8 views

CVE-2025-34302

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the PROT parameter when creating a new service. When a user adds a service, the application issues an HTTP POST...

CVSS 5.4 | EPSS 0.00453
Exploits: 0 | References: 3

OSV
added 2025/10/28 3:16 p.m. | 2 views

CVE-2025-34305

IPFire versions prior to 2.29 Core Update 198 contain multiple stored cross-site scripting (XSS) vulnerabilities caused by a bug in the cleanhtml function (/var/ipfire/header.pl) that fails to apply HTML-entity encoding to user input. When an authenticated user submits data to affected endpoints - fo...

CVSS 5.4 | AI score 5.8 | EPSS 0.00453
Exploits: 0 | References: 3

OSV
added 2025/10/28 3:16 p.m. | 4 views

CVE-2025-34302

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the PROT parameter when creating a new service. When a user adds a service, the application issues an HTTP POST...

CVSS 5.4 | AI score 5.9 | EPSS 0.00453
Exploits: 0 | References: 3

OSV
added 2025/10/28 3:16 p.m. | 5 views

CVE-2025-34303

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the IGNOREENTRYREMARK parameter when adding a whitelisted host. When a whitelisted host is added, an HTTP POST...

CVSS 5.4 | AI score 5.9 | EPSS 0.00453
Exploits: 0 | References: 3

Cvelist
added 2025/10/28 2:36 p.m. | 7 views

CVE-2025-34306 IPFire < v2.29 Stored XSS via Default IP Search Value

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the pienumber parameter when updating the default firewall IP search values. When a user updates these defaults,...

CVSS 5.1 | EPSS 0.00453
Exploits: 0 | References: 3

Vulnrichment
added 2025/10/28 2:36 p.m. | 3 views

CVE-2025-34308 IPFire < v2.29 Stored XSS via Default Time Sync

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the UPDATEVALUE parameter when updating the default time synchronization settings. When the default values...

CVSS 5.1 | AI score 5.6 | EPSS 0.00453
Exploits: 0 | References: 3

Cvelist
added 2025/10/28 2:36 p.m. | 4 views

CVE-2025-34318 IPFire < v2.29 Stored XSS via DNS Creation (proxy.cgi)

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the TLSHOSTNAME, UPSTREAMUSER, UPSTREAMPASSWORD, ADMINMAILADDRESS, and ADMINPASSWORD parameters when adding a new...

CVSS 5.1 | EPSS 0.00479
Exploits: 0 | References: 3

Cvelist
added 2025/10/28 2:36 p.m. | 10 views

CVE-2025-34317 IPFire < v2.29 Stored XSS via DNS Creation (dns.cgi)

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the TLSHOSTNAME parameter when adding a new DNS entry. When a user adds a DNS entry, the application issues an HT...

CVSS 5.1 | EPSS 0.00453
Exploits: 0 | References: 3

CVE
added 2025/10/28 2:34 p.m. | 13 views

CVE-2025-34305

IPFire before 2.29 (Core Update 198) contains multiple stored XSS flaws in the cleanhtml() function at /var/ipfire/header.pl. The bug prevents sanitized input from being written back to the output, so authenticated users submitting data to endpoints such as POST /cgi-bin/wakeonlan.cgi (CLIENT_COM...

CVSS 5.4 | AI score 5.5 | EPSS 0.00453
Exploits: 0 | References: 3 | Affected Software: 1

CVE
added 2025/10/28 2:33 p.m. | 12 views

CVE-2025-34315

IPFire prior to version 2.29 (Core Update 198) is affected by a stored cross-site scripting (XSS) vulnerability in the REMOTELOG_ADDR parameter used when updating the remote syslog server address. The value is submitted via POST to /cgi-bin/logs.cgi/config.dat and is stored and later rendered in ...

CVSS 5.4 | AI score 5.7 | EPSS 0.00453
Exploits: 0 | References: 3 | Affected Software: 1

SUSE Linux
added 2025/10/28 7:26 a.m. | 3 views

Security update 4.3.16.1 SUSE Manager Server and Proxy 4.3 LTS

Description: This update fixes the following issues: susemanager-build-keys: Update SUSE GPG key and make it available for Salt bsc1250911 susemanager-tftpsync-recv: Version 4.3.11-0 with security fix: CVE-2025-53880: Sanitize path in sync-proxy script bsc1246277 rhnlib: Version 4.3.7-0: Use more...

CVSS 8.8 | AI score 7.1 | EPSS 0.00268
Exploits: 0 | References: 14

OSV
added 2025/10/28 7:26 a.m. | 3 views

SUSE-SU-2025:3826-1 Security update 4.3.16.1 for SUSE Manager Server 4.3 LTS

This update fixes the following issues: susemanager-build-keys: - Update SUSE GPG key and make it available for Salt bsc1250911 susemanager-sls: - Version 4.3.50-0 Fix OS Family grain name bsc1250911 - Version 4.3.49-0 Fixed syntax error in Salt state - Version 4.3.48-0 Automatically deploy the...

CVSS 9.3 | AI score 7 | EPSS 0.00268
Exploits: 0 | References: 5

Positive Technologies
added 2025/10/28 12:0 a.m. | 8 views

PT-2025-44172

Name of the Vulnerable Software and Affected Versions: IPFire versions prior to 2.29 Core Update 198. Description: IPFire versions prior to 2.29 Core Update 198 are susceptible to a stored cross-site scripting (XSS) issue. An authenticated attacker can inject arbitrary JavaScript code through the QUOT...

CVSS 5.4 | AI score 5.8 | EPSS 0.00453
Exploits: 0 | References: 6

CVE
added 2025/10/27 6:46 p.m. | 12 views

CVE-2025-36170

CVE-2025-36170 affects IBM QRadar SIEM versions 7.5 through 7.5.0 Update Pack 13 Independent Fix 02. IBM reports a stored cross-site scripting vulnerability allowing an authenticated user to inject arbitrary JavaScript into the Web UI, potentially leading to credentials disclosure within a truste...

CVSS 6.4 | AI score 5.9 | EPSS 0.00163
Exploits: 0 | References: 1 | Affected Software: 1

RedhatCVE
added 2025/10/27 1:33 p.m. | 7 views

CVE-2025-4106

An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable a diagnostic debug shell by uploading a platform and version-specific diagnostic package and executing a leftover diagnostic command. This issue affects Fireware OS: from 12.0...

CVSS 8.9 | AI score 6.9 | EPSS 0.00293
Exploits: 0 | References: 1

CVE
added 2025/10/27 6:22 a.m. | 12 views

CVE-2025-12233

Affects: Tenda CH22 v1.0.0.1. Vulnerable component: fromSafeUrlFilter in /goform/SafeUrlFilter. Root cause: input data length not validated when manipulating the page argument in the SafeUrlFilter function, leading to a buffer overflow. Impact: remote attacker could exploit to execute arbitrary c...

CVSS 9 | AI score 8.7 | EPSS 0.04384
Exploits: 1 | References: 5 | Affected Software: 1