CVE-2019-1010251
- EPSS 0.4%
- Published 18.07.2019 18:15:12
- Last modified 21.11.2024 04:18:05
Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed network packet. The component is: app-lay...
CVE-2019-10050
- EPSS 0.54%
- Published 13.05.2019 17:29:02
- Last modified 21.11.2024 04:18:17
A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address plus the correct type field and the right number for ...
CVE-2018-10244
- EPSS 0.67%
- Published 04.04.2019 16:29:00
- Last modified 21.11.2024 03:41:05
Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can cause the parsing code to read beyond the allocated data because DecodeENIPPDU in app-layer-enip-commmon.c has an integer overflow during a length check...
CVE-2018-10242
- EPSS 0.41%
- Published 04.04.2019 15:29:00
- Last modified 21.11.2024 03:41:05
Suricata version 4.0.4 incorrectly handles the parsing of the SSH banner. A malformed SSH banner can cause the parsing code to read beyond the allocated data because SSHParseBanner in app-layer-ssh.c lacks a length check.
- EPSS 0.54%
- Published 30.05.2014 14:55:08
- Last modified 12.04.2025 10:46:40
Suricata before 1.4.6 allows remote attackers to cause a denial of service (crash) via a malformed SSL record.