Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suricata vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2018-1000167
OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load-Function as used in the following files: config.py:136, config.py:142, sources.py:99 and sources.py:131. The "list-sources"-command is affected by this bug....
Oisf Suricata-update 1.0.0a1
445
VMScore
CVE-2015-0971
The DER parser in Suricata prior to 2.0.8 allows remote malicious users to cause a denial of service (crash) via vectors related to SSL/TLS certificates.
Debian Debian Linux 8.0
Openinfosecfoundation Suricata
383
VMScore
CVE-2014-4694
Multiple cross-site scripting (XSS) vulnerabilities in suricata_select_alias.php in the Suricata package prior to 1.0.6 for pfSense up to and including 2.1.4 allow remote malicious users to inject arbitrary web script or HTML via unspecified variables.
Pfsense Suricata Package
Netgate Pfsense 2.1.3
Netgate Pfsense
516
VMScore
CVE-2014-4696
Multiple open redirect vulnerabilities in the Suricata package prior to 1.0.6 for pfSense up to and including 2.1.4 allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to suricata_rules_flowbits.php or (...
Netgate Pfsense
Pfsense Suricata Package
Netgate Pfsense 2.1.3
445
VMScore
CVE-2021-45098
An issue exists in Suricata prior to 6.0.4. It is possible to bypass/evade any HTTP-based signature by faking an RST TCP packet with random TCP options of the md5header from the client side. After the three-way handshake, it's possible to inject an RST ACK with a random TCP ...
Oisf Suricata
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
445
VMScore
CVE-2021-35063
Suricata prior to 5.0.7 and 6.x prior to 6.0.3 has a "critical evasion."
Oisf Suricata
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
NA
CVE-2024-28870
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. When parsing an overly long SSH banner, Suricata can use excessive CPU resources, as well as cause excessive logg...
NA
CVE-2024-32663
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. before 7.0.5 and 6.0.19, a small amount of HTTP/2 traffic can lead to Suricata using a large amount of memory. The issue has been addressed in Suricata 7.0.5 and ...
NA
CVE-2024-23836
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricata to use far more CPU and memory for processing the traffic than needed, which c...
NA
CVE-2024-24568
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. before 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »