Oisf

Suricata

45 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-38535

  • EPSS 0.83%
  • Published 11.07.2024 15:15:12
  • Last modified 21.11.2024 09:26:14

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6.

7.5

CVE-2024-38534

  • EPSS 0.64%
  • Published 11.07.2024 15:15:12
  • Last modified 21.11.2024 09:26:14

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Crafted modbus traffic can lead to unlimited resource accumulation within a flow. Upgrade to 7.0.6. Set a limited stream.reassembly....

7.5

CVE-2024-37151

  • EPSS 0.38%
  • Published 11.07.2024 15:15:11
  • Last modified 21.11.2024 09:23:18

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to poli...

5.3

CVE-2024-32867

  • EPSS 0.63%
  • Published 07.05.2024 15:15:09
  • Last modified 19.12.2024 19:48:46

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. Th...

7.3

CVE-2024-32664

  • EPSS 0.33%
  • Published 07.05.2024 15:15:08
  • Last modified 19.12.2024 19:46:05

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, specially crafted traffic or datasets can cause a limited buffer overflow. This vulnerability is fixed in...

7.5

CVE-2024-32663

  • EPSS 0.33%
  • Published 07.05.2024 15:15:08
  • Last modified 19.12.2024 19:40:02

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, a small amount of HTTP/2 traffic can lead to Suricata using a large amount of memory. The issue has been ...

7.5

CVE-2024-28870

  • EPSS 0.46%
  • Published 03.04.2024 22:15:07
  • Last modified 28.04.2025 16:43:27

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. When parsing an overly long SSH banner, Suricata can use excessive CPU resources, a...

5.3

CVE-2024-24568

  • EPSS 0.06%
  • Published 26.02.2024 16:27:58
  • Last modified 19.12.2024 19:30:33

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3...

8.1

CVE-2024-23839

  • EPSS 0.21%
  • Published 26.02.2024 16:27:58
  • Last modified 19.12.2024 19:38:28

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, specially crafted traffic can cause a heap use after free if the ruleset uses the http.request_header or http.respo...

7.5

CVE-2024-23836

  • EPSS 0.85%
  • Published 26.02.2024 16:27:57
  • Last modified 19.12.2024 19:26:20

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricata to use far more CPU and memory for processing th...