Oisf

Suricata

45 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-55628

  • EPSS 0.43%
  • Veröffentlicht 06.01.2025 18:15:22
  • Zuletzt bearbeitet 31.03.2025 13:02:25

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be co...

5.5

CVE-2024-55626

  • EPSS 0.05%
  • Veröffentlicht 06.01.2025 18:15:22
  • Zuletzt bearbeitet 31.03.2025 13:52:44

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead to a buffer overflow at Suricata startup. The issue...

7.5

CVE-2024-55627

  • EPSS 0.1%
  • Veröffentlicht 06.01.2025 18:15:22
  • Zuletzt bearbeitet 31.03.2025 13:40:33

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initializatio...

7.5

CVE-2024-55605

  • EPSS 0.29%
  • Veröffentlicht 06.01.2025 17:15:39
  • Zuletzt bearbeitet 31.03.2025 13:53:42

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large input buffer to the to_lowercase, to_uppercase, strip_whitespace, compress_whitespace, dotprefix, header_low...

7.5

CVE-2024-47522

  • EPSS 0.55%
  • Veröffentlicht 16.10.2024 20:15:06
  • Zuletzt bearbeitet 25.09.2025 17:15:37

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, invalid ALPN in TLS/QUIC traffic when JA4 matching/logging is enabled can lead to Suricata aborting with a p...

7.5

CVE-2024-47188

  • EPSS 0.13%
  • Veröffentlicht 16.10.2024 19:15:27
  • Zuletzt bearbeitet 22.10.2024 13:50:17

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to byte-range tracking having predictable hash t...

7.5

CVE-2024-47187

  • EPSS 0.13%
  • Veröffentlicht 16.10.2024 19:15:27
  • Zuletzt bearbeitet 22.10.2024 13:48:59

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to datasets having predictable hash table behavi...

5.3

CVE-2024-45796

  • EPSS 0.28%
  • Veröffentlicht 16.10.2024 19:15:26
  • Zuletzt bearbeitet 22.10.2024 13:37:57

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, a logic error during fragment reassembly can lead to failed reassembly for valid traffic. An attacker could ...

7.5

CVE-2024-45795

  • EPSS 0.17%
  • Veröffentlicht 16.10.2024 19:15:26
  • Zuletzt bearbeitet 22.10.2024 13:35:50

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during ...

7.5

CVE-2024-38536

Exploit
  • EPSS 0.59%
  • Veröffentlicht 11.07.2024 15:15:12
  • Zuletzt bearbeitet 21.11.2024 09:26:15

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A memory allocation failure due to `http.memcap` being reached leads to a NULL-ptr reference leading to a crash. Upgrade to 7.0.6.