Oisf

Suricata

45 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-55628

  • EPSS 0.43%
  • Published 06.01.2025 18:15:22
  • Last modified 31.03.2025 13:02:25

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be co...

5.5

CVE-2024-55626

  • EPSS 0.05%
  • Published 06.01.2025 18:15:22
  • Last modified 31.03.2025 13:52:44

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead to a buffer overflow at Suricata startup. The issue...

7.5

CVE-2024-55627

  • EPSS 0.1%
  • Published 06.01.2025 18:15:22
  • Last modified 31.03.2025 13:40:33

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initializatio...

7.5

CVE-2024-55605

  • EPSS 0.29%
  • Published 06.01.2025 17:15:39
  • Last modified 31.03.2025 13:53:42

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large input buffer to the to_lowercase, to_uppercase, strip_whitespace, compress_whitespace, dotprefix, header_low...

7.5

CVE-2024-47522

  • EPSS 0.55%
  • Published 16.10.2024 20:15:06
  • Last modified 25.09.2025 17:15:37

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, invalid ALPN in TLS/QUIC traffic when JA4 matching/logging is enabled can lead to Suricata aborting with a p...

7.5

CVE-2024-47188

  • EPSS 0.13%
  • Published 16.10.2024 19:15:27
  • Last modified 22.10.2024 13:50:17

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to byte-range tracking having predictable hash t...

7.5

CVE-2024-47187

  • EPSS 0.13%
  • Published 16.10.2024 19:15:27
  • Last modified 22.10.2024 13:48:59

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to datasets having predictable hash table behavi...

5.3

CVE-2024-45796

  • EPSS 0.28%
  • Published 16.10.2024 19:15:26
  • Last modified 22.10.2024 13:37:57

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, a logic error during fragment reassembly can lead to failed reassembly for valid traffic. An attacker could ...

7.5

CVE-2024-45795

  • EPSS 0.17%
  • Published 16.10.2024 19:15:26
  • Last modified 22.10.2024 13:35:50

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during ...

7.5

CVE-2024-38536

Exploit
  • EPSS 0.59%
  • Published 11.07.2024 15:15:12
  • Last modified 21.11.2024 09:26:15

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A memory allocation failure due to `http.memcap` being reached leads to a NULL-ptr reference leading to a crash. Upgrade to 7.0.6.