Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sourcefire vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2008-1804
preprocessors/spp_frag3.c in Sourcefire Snort prior to 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote malicious users to bypass detection rules by using a different TTL for each fragment.
Snort Snort
6.6
CVSSv2
CVE-2021-34761
A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local malicious user to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerabili...
Cisco Firepower Management Center Virtual Appliance 6.2.3
Cisco Sourcefire Defense Center 6.4.0
Cisco Firepower Threat Defense
Cisco Sourcefire Defense Center 6.2.3
Cisco Sourcefire Defense Center 7.1.0
Cisco Firepower Management Center Virtual Appliance 7.1.0
Cisco Sourcefire Defense Center 6.6.1
Cisco Sourcefire Defense Center 6.7.0
Cisco Sourcefire Defense Center 7.0.0
Cisco Firepower Management Center Virtual Appliance 6.4.0
Cisco Firepower Management Center Virtual Appliance 6.6.1
Cisco Firepower Management Center Virtual Appliance 6.7.0
Cisco Firepower Management Center Virtual Appliance 7.0.0
6.1
CVSSv2
CVE-2015-6307
Cisco FirePOWER (formerly Sourcefire) 7000 and 8000 devices with software 5.4.0.1 allow remote malicious users to cause a denial of service (inspection-engine outage) via crafted packets, aka Bug ID CSCuu10871.
Cisco Firepower 5.4.0.1
5.8
CVSSv2
CVE-2021-34764
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an malicious user to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerabilities, see the De...
Cisco Firepower Management Center Virtual Appliance 6.1.0
Cisco Firepower Management Center Virtual Appliance 6.2.0
Cisco Firepower Management Center Virtual Appliance 6.2.3
Cisco Sourcefire Defense Center 6.4.0
Cisco Sourcefire Defense Center 6.5.0
Cisco Sourcefire Defense Center 6.6.0
Cisco Firepower Threat Defense
Cisco Firepower Management Center Virtual Appliance 6.3.0
Cisco Sourcefire Defense Center 6.1.0
Cisco Sourcefire Defense Center 6.2.0
Cisco Sourcefire Defense Center 6.2.3
Cisco Sourcefire Defense Center 6.3.0
Cisco Sourcefire Defense Center 7.1.0
Cisco Firepower Management Center Virtual Appliance 7.1.0
Cisco Sourcefire Defense Center 6.6.1
Cisco Sourcefire Defense Center 6.7.0
Cisco Sourcefire Defense Center 7.0.0
Cisco Firepower Management Center Virtual Appliance 6.4.0
Cisco Firepower Management Center Virtual Appliance 6.5.0
Cisco Firepower Management Center Virtual Appliance 6.6.0
Cisco Firepower Management Center Virtual Appliance 6.6.1
Cisco Firepower Management Center Virtual Appliance 6.7.0
5.5
CVSSv2
CVE-2021-34762
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote malicious user to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vu...
Cisco Firepower Management Center Virtual Appliance 6.2.3
Cisco Sourcefire Defense Center 6.4.0
Cisco Sourcefire Defense Center 6.5.0
Cisco Firepower Threat Defense
Cisco Sourcefire Defense Center 6.2.3
Cisco Firepower Management Center Virtual Appliance 7.1.0
Cisco Sourcefire Defense Center 6.6.1
Cisco Sourcefire Defense Center 7.0.0
Cisco Firepower Management Center Virtual Appliance 6.4.0
Cisco Firepower Management Center Virtual Appliance 6.5.0
Cisco Firepower Management Center Virtual Appliance 6.6.1
Cisco Firepower Management Center Virtual Appliance 6.7.0
Cisco Firepower Management Center Virtual Appliance 7.0.0
Cisco Firepower Management Center Virtual Appliance 6.6.2
Cisco Firepower Management Center Virtual Appliance 6.6.3
Cisco Firepower Management Center Virtual Appliance 6.6.4
Cisco Sourcefire Defense Center 6.6.2
Cisco Sourcefire Defense Center 6.6.3
Cisco Sourcefire Defense Center 6.6.4
5
CVSSv2
CVE-2017-6657
Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. Since valid ether type and IP protocol numbers do not overlap, Snort++ stores all protocol decoders in a single array. That makes it possible to craft packets that have IP protocol numbers in the ether ...
Cisco Snort\\+\\+ -
5
CVSSv2
CVE-2017-6658
Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. The size was off by one making it possible to read past the end of the array with an ether type of 0xFFFF. Increasing the array size solves this problem.
Cisco Sourcefire Snort 3.0
5
CVSSv2
CVE-2016-6368
A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition due to the Snort process unexpectedly resta...
Cisco Firepower Management Center 6.0.0.0
Cisco Firepower Management Center 6.0.0
Cisco Firepower Management Center 6.0.0.1
Cisco Firepower Management Center 6.0.1
5
CVSSv2
CVE-2006-2769
The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 up to and including 2.4.4 allows remote malicious users to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration.
Sourcefire Snort 2.4.4
Sourcefire Snort 2.4
Sourcefire Snort 2.4.1
Sourcefire Snort 2.4.2
Sourcefire Snort 2.4.3
1 EDB exploit
5
CVSSv2
CVE-2006-0839
The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote malicious users to evade detection of certain attacks, possibly related to IP option lengths.
Sourcefire Snort 2.4.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »