Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oisf suricata vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-1010251
Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed network packet. The component is: app-layer-detect-proto.c, decode.c, d...
Oisf Suricata 4.1.0
Oisf Suricata 4.0.2
Oisf Suricata 4.0.3
Oisf Suricata 4.0.5
5.3
CVSSv3
CVE-2019-17420
In OISF LibHTP prior to 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.
Oisf Libhtp
Suricata-ids Suricata 4.1.4
7.5
CVSSv3
CVE-2023-35852
In Suricata prior to 6.0.13 (when there is an adversary who controls an external source of rules), a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requ...
Oisf Suricata
7.5
CVSSv3
CVE-2019-1010279
Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed sequence of network packets. The component is: detect.c (https://g...
Oisf Suricata
9.8
CVSSv3
CVE-2023-35853
In Suricata prior to 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section.
Oisf Suricata
9.8
CVSSv3
CVE-2021-37592
Suricata prior to 5.0.8 and 6.x prior to 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that can send a certain sequence of segments.
Oisf Suricata
7.5
CVSSv3
CVE-2019-10050
A buffer over-read issue exists in Suricata 4.1.x prior to 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address plus the correct type field and the right number for shim, an attacker can manipulate the...
Oisf Suricata
7.8
CVSSv3
CVE-2018-1000167
OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load-Function as used in the following files: config.py:136, config.py:142, sources.py:99 and sources.py:131. The "list-sources"-command is affected by this bug....
Oisf Suricata-update 1.0.0a1
7.5
CVSSv3
CVE-2020-19678
Directory Traversal vulnerability found in Pfsense v.2.1.3 and Pfsense Suricata v.1.4.6 pkg v.1.0.1 allows a remote malicious user to obtain sensitive information via the file parameter to suricata/suricata_logs_browser.php.
Oisf Suricata 1.4.6
Pfsense Suricata Package 1.0.1
Pfsense Pfsense 2.1.3
7.5
CVSSv3
CVE-2021-45098
An issue exists in Suricata prior to 6.0.4. It is possible to bypass/evade any HTTP-based signature by faking an RST TCP packet with random TCP options of the md5header from the client side. After the three-way handshake, it's possible to inject an RST ACK with a random TCP ...
Oisf Suricata
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »