Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openinfosecfoundation suricata vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2014-6603
The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricata prior to 2.0.4 allows remote malicious users to bypass SSH rules, cause a denial of service (crash), or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or...
Openinfosecfoundation Suricata 2.0.1-2
Openinfosecfoundation Suricata 2.0.2-2
Openinfosecfoundation Suricata 2.0.2-1
Openinfosecfoundation Suricata 2.0.3-1
Openinfosecfoundation Suricata 2.0.1-1
Openinfosecfoundation Suricata
5
CVSSv2
CVE-2013-5919
Suricata prior to 1.4.6 allows remote malicious users to cause a denial of service (crash) via a malformed SSL record.
Openinfosecfoundation Suricata 1.4
Openinfosecfoundation Suricata 1.3
Openinfosecfoundation Suricata
Suricata-ids Suricata 1.3.1
Suricata-ids Suricata 1.3.2
Suricata-ids Suricata 1.3.3
Suricata-ids Suricata 1.3.4
Suricata-ids Suricata 1.3.5
Suricata-ids Suricata 1.3.6
Suricata-ids Suricata 1.4.1
Suricata-ids Suricata 1.4.2
Suricata-ids Suricata 1.4.3
Suricata-ids Suricata 1.4.4
5
CVSSv2
CVE-2017-7177
Suricata prior to 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching.
Openinfosecfoundation Suricata
5
CVSSv2
CVE-2017-15377
In Suricata prior to 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn't stop when it should aft...
Openinfosecfoundation Suricata
7.5
CVSSv2
CVE-2015-8954
The MemcmpLowercase function in Suricata prior to 2.0.6 improperly excludes the first byte from comparisons, which might allow remote malicious users to bypass intrusion-prevention functionality via a crafted HTTP request.
Openinfosecfoundation Suricata
5
CVSSv2
CVE-2015-0971
The DER parser in Suricata prior to 2.0.8 allows remote malicious users to cause a denial of service (crash) via vectors related to SSL/TLS certificates.
Debian Debian Linux 8.0
Openinfosecfoundation Suricata
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29824
CVE-2024-30095
CVE-2024-30104
client side
CVE-2024-5840
CVE-2024-34405
unprivileged
wireless
CVE-2024-4577
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started