GCVE - cpe:2.3:a:netgate:pfsense:2.1.3:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:netgate:pfsense:2.1.3:*:*:*:*:*:*:*

part: a version: 2.1.3 update: *

Vendor	Netgate (`42bc912c-274f-5f68-8e52-e5d60c7dbf39`)
Product	Pfsense (`5aa539db-9816-5834-bdbc-2e98c3f36341`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/pfsense/pfsense`	purl2cpe	2026-06-01 10:11:51.848409

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2014-4696`	vulnerable	2026-06-08 05:05:45.440363	Details available Multiple open redirect vulnerabilities in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to suricata_rules_flowbits.php or (2) the returl parameter to suricata_select_alias.php. Published: 2014-07-02T10:00:00.000Z Updated: 2024-08-06T11:27:36.855Z Open on db.gcve.eu Reference links https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-4695`	vulnerable	2026-06-08 05:05:45.440029	Details available Multiple open redirect vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to snort_rules_flowbits.php or (2) the returl parameter to snort_select_alias.php. Published: 2014-07-02T10:00:00.000Z Updated: 2024-08-06T11:27:36.009Z Open on db.gcve.eu Reference links https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-4694`	vulnerable	2026-06-08 05:05:45.438517	Details available Multiple cross-site scripting (XSS) vulnerabilities in suricata_select_alias.php in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script or HTML via unspecified variables. Published: 2014-07-02T10:00:00.000Z Updated: 2024-08-06T11:27:36.891Z Open on db.gcve.eu Reference links https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-4693`	vulnerable	2026-06-08 05:05:45.437250	Details available Multiple cross-site scripting (XSS) vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the eng parameter to snort_import_aliases.php or (2) unspecified variables to snort_select_alias.php. Published: 2014-07-02T10:00:00.000Z Updated: 2024-08-06T11:27:36.132Z Open on db.gcve.eu Reference links https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.