Vulnerabilities (CVE)

Filtered by vendor Pfsense Subscribe
Filtered by product Suricata Package
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-4696 2 Netgate, Pfsense 2 Pfsense, Suricata Package 2024-11-21 5.8 MEDIUM N/A
Multiple open redirect vulnerabilities in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to suricata_rules_flowbits.php or (2) the returl parameter to suricata_select_alias.php.
CVE-2014-4694 2 Netgate, Pfsense 2 Pfsense, Suricata Package 2024-11-21 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in suricata_select_alias.php in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script or HTML via unspecified variables.
CVE-2020-19678 2 Oisf, Pfsense 3 Suricata, Pfsense, Suricata Package 2024-02-28 N/A 7.5 HIGH
Directory Traversal vulnerability found in Pfsense v.2.1.3 and Pfsense Suricata v.1.4.6 pkg v.1.0.1 allows a remote attacker to obtain sensitive information via the file parameter to suricata/suricata_logs_browser.php.