Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
snort vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2006-5276
Stack-based buffer overflow in the DCE/RPC preprocessor in Snort prior to 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote malicious users to execute arbitrary code via crafted SMB traffic.
Snort Snort 2.6.1
Snort Snort 2.6.1.1
Sourcefire Intrusion Sensor 4.6
Snort Snort
Sourcefire Intrusion Sensor 4.5
Snort Snort 2.7 Beta1
Sourcefire Intrusion Sensor 4.1
4 EDB exploits
10
CVSSv2
CVE-2003-0209
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and previous versions allows remote malicious users to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
Sourcefire Snort 1.8.5
Sourcefire Snort 1.8.6
Smoothwall Smoothwall 2.0 Beta 4
Sourcefire Snort 1.8
Sourcefire Snort 1.8.7
Sourcefire Snort 1.9
Sourcefire Snort 1.8.1
Sourcefire Snort 1.8.2
Sourcefire Snort 1.9.1
Sourcefire Snort 1.8.3
Sourcefire Snort 1.8.4
1 EDB exploit
10
CVSSv2
CVE-2003-0033
Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x prior to 1.9.1 allows remote malicious users to execute arbitrary code via fragmented RPC packets.
Snort Snort 1.8.0
Snort Snort 1.8.7
Snort Snort 1.9.0
Snort Snort 1.8.5
Snort Snort 1.8.6
Snort Snort 1.8.1
Snort Snort 1.8.2
Snort Snort 1.8.3
Snort Snort 1.8.4
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1147 Github repositories
28 Articles
9.3
CVSSv2
CVE-2018-11776
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or...
Apache Struts
3 EDB exploits
44 Github repositories
3 Articles
9.3
CVSSv2
CVE-2009-4211
The U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to (1) java, (2) openssl, (3) php, (4) snort, (5) tshark, (6) vncserver, or (7) wireshark, wh...
Disa Srr For Solaris
9
CVSSv2
CVE-2022-20828
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote malicious user to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the roo...
Cisco Asa Firepower
1 Metasploit module
1 Github repository
1 Article
8.5
CVSSv2
CVE-2021-44832
Apache Log4j2 versions 2.0-beta7 up to and including 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the tar...
Apache Log4j 2.0
Apache Log4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Primavera Gateway
Oracle Retail Assortment Planning 16.0.3
Oracle Primavera Unifier 21.12
Oracle Primavera P6 Enterprise Project Portfolio Management 21.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera Gateway 21.12.0
Oracle Retail Fiscal Management 14.2
Oracle Siebel Ui Framework 21.12
Oracle Communications Diameter Signaling Router
Cisco Cloudcenter 4.10.0.16
Fedoraproject Fedora 34
Fedoraproject Fedora 35
34 Github repositories
4 Articles
7.8
CVSSv2
CVE-2022-20767
A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the DN...
Cisco Firepower Threat Defense 7.1.0
Cisco Firepower Threat Defense
7.8
CVSSv2
CVE-2021-40114
Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper...
Cisco Firepower Management Center 2.9.14.0
Cisco Firepower Management Center 2.9.15
Cisco Firepower Management Center 2.9.16
Cisco Firepower Management Center 2.9.17
Cisco Firepower Threat Defense
Cisco Unified Threat Defense
Snort Snort
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »