Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
snort snort vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv3
CVE-2017-12300
A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote malicious user to bypass a file policy that is configured to block the Server Message Block Version 2 (SMB2) protocol. The vulnerability is due to the incorrect...
Cisco Firepower Management Center 2.9.10
Cisco Firepower Management Center 2.9.11
Cisco Firepower Management Center 2.9.9
Cisco Firepower Management Center 2.9.12
8.6
CVSSv3
CVE-2017-12245
A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to cause depletion of system memory, aka a Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service vulnerabilit...
Cisco Firepower Management Center 6.1.0.6
Cisco Firepower Management Center 6.2.0
Cisco Firepower Management Center 6.2.0.2
Cisco Firepower Management Center 6.2.1
Cisco Firepower Management Center 6.0.1.3
Cisco Firepower Management Center 6.1.0.3
Cisco Firepower Management Center 6.2.2
Cisco Firepower Management Center 6.0.1
Cisco Firepower Management Center 6.1.0
8.6
CVSSv3
CVE-2017-12244
A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote malicious user to cause high CPU utilization or to cause a denial of service (DoS) condition because the Snort process restarts unexpectedly....
Cisco Firepower Management Center 6.0.0.0
Cisco Firepower Management Center 6.0.0.1
Cisco Firepower Management Center 6.0.1
Cisco Firepower Management Center 6.0.1.3
Cisco Firepower Management Center 6.0.0
Cisco Firepower Management Center 6.1.0
Cisco Firepower Management Center 6.1.0.6
Cisco Firepower Management Center 6.2.0.2
Cisco Firepower Management Center 6.2.1
Cisco Firepower Management Center 6.2.2
Cisco Firepower Management Center 6.1.0.3
Cisco Firepower Management Center 6.2.0
9.8
CVSSv3
CVE-2017-12611
In Apache Struts 2.0.0 up to and including 2.3.33 and 2.5 up to and including 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.
Apache Struts 2.0.3
Apache Struts 2.0.5
Apache Struts 2.0.11.1
Apache Struts 2.0.12
Apache Struts 2.1.4
Apache Struts 2.1.6
Apache Struts 2.2.3
Apache Struts 2.3.1
Apache Struts 2.3.6
Apache Struts 2.3.8
Apache Struts 2.3.14.1
Apache Struts 2.3.14.3
Apache Struts 2.3.16
Apache Struts 2.3.16.2
Apache Struts 2.3.17
Apache Struts 2.3.21
Apache Struts 2.0.1
Apache Struts 2.0.2
Apache Struts 2.0.14
Apache Struts 2.1.0
Apache Struts 2.1.1
Apache Struts 2.1.2
1 Github repository
1 Article
7.5
CVSSv3
CVE-2017-9793
The REST Plugin in Apache Struts 2.1.x, 2.3.7 up to and including 2.3.33 and 2.5 up to and including 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload.
Apache Struts 2.5.10.1
Apache Struts 2.3.12
Apache Struts 2.3.13
Apache Struts 2.3.15.2
Apache Struts 2.3.15.3
Apache Struts 2.3.16
Apache Struts 2.3.20.1
Apache Struts 2.3.20.2
Apache Struts 2.3.26
Apache Struts 2.3.27
Apache Struts 2.5
Apache Struts 2.5.5
Apache Struts 2.5.6
Apache Struts 2.3.8
Apache Struts 2.3.9
Apache Struts 2.3.14.2
Apache Struts 2.3.14.3
Apache Struts 2.3.16.3
Apache Struts 2.3.17
Apache Struts 2.3.23
Apache Struts 2.3.24.2
Apache Struts 2.3.29
3 Github repositories
1 Article
7.5
CVSSv3
CVE-2017-9804
In Apache Struts 2.3.7 up to and including 2.3.33 and 2.5 up to and including 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing v...
Apache Struts 2.5.12
Apache Struts 2.3.7
Apache Struts 2.3.14.1
Apache Struts 2.3.14.2
Apache Struts 2.3.16.1
Apache Struts 2.3.16.2
Apache Struts 2.3.21
Apache Struts 2.3.22
Apache Struts 2.3.28.1
Apache Struts 2.3.29
Apache Struts 2.5
Apache Struts 2.5.7
Apache Struts 2.5.8
Apache Struts 2.3.10
Apache Struts 2.3.11
Apache Struts 2.3.12
Apache Struts 2.3.15.1
Apache Struts 2.3.15.2
Apache Struts 2.3.19
Apache Struts 2.3.20
Apache Struts 2.3.25
Apache Struts 2.3.26
1 Github repository
1 Article
8.1
CVSSv3
CVE-2017-9805
The REST Plugin in Apache Struts 2.1.1 up to and including 2.3.x prior to 2.3.34 and 2.5.x prior to 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
Apache Struts 2.1.8
Apache Struts 2.1.8.1
Apache Struts 2.3.1.2
Apache Struts 2.3.3
Apache Struts 2.3.14.2
Apache Struts 2.3.14.3
Apache Struts 2.3.16.2
Apache Struts 2.3.16.3
Apache Struts 2.3.28
Apache Struts 2.3.28.1
Apache Struts 2.5.3
Apache Struts 2.5.4
Apache Struts 2.5.10.1
Apache Struts 2.5.11
Apache Struts 2.1.2
Apache Struts 2.2.1
Apache Struts 2.2.1.1
Apache Struts 2.3.4
Apache Struts 2.3.4.1
Apache Struts 2.3.15
Apache Struts 2.3.15.1
Apache Struts 2.3.20
1 EDB exploit
20 Github repositories
3 Articles
7.5
CVSSv3
CVE-2017-6657
Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. Since valid ether type and IP protocol numbers do not overlap, Snort++ stores all protocol decoders in a single array. That makes it possible to craft packets that have IP protocol numbers in the ether ...
Cisco Snort\\+\\+ -
7.5
CVSSv3
CVE-2017-6658
Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. The size was off by one making it possible to read past the end of the array with an ether type of 0xFFFF. Increasing the array size solves this problem.
Cisco Sourcefire Snort 3.0
8.6
CVSSv3
CVE-2016-6368
A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition due to the Snort process unexpectedly resta...
Cisco Firepower Management Center 6.0.0.0
Cisco Firepower Management Center 6.0.0
Cisco Firepower Management Center 6.0.0.1
Cisco Firepower Management Center 6.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »