ipfire.org

Top products

The 15 most recently published vulnerabilities affecting ipfire.org.

• CVE-2025-34311IPFire < v2.29 Command Injection via Proxy Report Creation8.8Oct 28, 2025
• CVE-2025-34312IPFire < v2.29 Command Injection via URL Filter Blacklist8.8Oct 28, 2025
• CVE-2025-34304IPFire < v2.29 SQL Injection via OpenVPN Connection Logs6.5Oct 28, 2025
• CVE-2025-34307IPFire < v2.29 Stored XSS via Default Country Search5.4Oct 28, 2025
• CVE-2025-34306IPFire < v2.29 Stored XSS via Default IP Search Value5.4Oct 28, 2025
• CVE-2025-34308IPFire < v2.29 Stored XSS via Default Time Sync5.4Oct 28, 2025
• CVE-2025-34317IPFire < v2.29 Stored XSS via DNS Creation (dns.cgi)5.4Oct 28, 2025
• CVE-2025-34309IPFire < v2.29 Stored XSS via Dynamic DNS Host5.4Oct 28, 2025
• CVE-2025-34301IPFire < v2.29 Stored XSS via Location Group Creation5.4Oct 28, 2025
• CVE-2025-34316IPFire < v2.29 Stored XSS via Mail Server Settings5.4Oct 28, 2025
• CVE-2025-34305IPFire < v2.29 Stored XSS via Multiple Methods in cleanhtml()5.4Oct 28, 2025
• CVE-2025-34310IPFire < v2.29 Stored XSS via Quality of Service (QoS) Settings5.4Oct 28, 2025
• CVE-2025-34315IPFire < v2.29 Stored XSS via Remote Syslog Server Address5.4Oct 28, 2025
• CVE-2025-34302IPFire < v2.29 Stored XSS via Service Creation5.4Oct 28, 2025
• CVE-2025-34314IPFire < v2.29 Stored XSS via Time Constraint Rule URL Filter5.4Oct 28, 2025