Oisf

Suricata

45 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-38535

  • EPSS 0.83%
  • Veröffentlicht 11.07.2024 15:15:12
  • Zuletzt bearbeitet 21.11.2024 09:26:14

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6.

7.5

CVE-2024-38534

  • EPSS 0.64%
  • Veröffentlicht 11.07.2024 15:15:12
  • Zuletzt bearbeitet 21.11.2024 09:26:14

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Crafted modbus traffic can lead to unlimited resource accumulation within a flow. Upgrade to 7.0.6. Set a limited stream.reassembly....

7.5

CVE-2024-37151

  • EPSS 0.38%
  • Veröffentlicht 11.07.2024 15:15:11
  • Zuletzt bearbeitet 21.11.2024 09:23:18

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to poli...

5.3

CVE-2024-32867

  • EPSS 0.63%
  • Veröffentlicht 07.05.2024 15:15:09
  • Zuletzt bearbeitet 19.12.2024 19:48:46

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. Th...

7.3

CVE-2024-32664

  • EPSS 0.33%
  • Veröffentlicht 07.05.2024 15:15:08
  • Zuletzt bearbeitet 19.12.2024 19:46:05

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, specially crafted traffic or datasets can cause a limited buffer overflow. This vulnerability is fixed in...

7.5

CVE-2024-32663

  • EPSS 0.33%
  • Veröffentlicht 07.05.2024 15:15:08
  • Zuletzt bearbeitet 19.12.2024 19:40:02

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, a small amount of HTTP/2 traffic can lead to Suricata using a large amount of memory. The issue has been ...

7.5

CVE-2024-28870

  • EPSS 0.46%
  • Veröffentlicht 03.04.2024 22:15:07
  • Zuletzt bearbeitet 28.04.2025 16:43:27

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. When parsing an overly long SSH banner, Suricata can use excessive CPU resources, a...

5.3

CVE-2024-24568

  • EPSS 0.06%
  • Veröffentlicht 26.02.2024 16:27:58
  • Zuletzt bearbeitet 19.12.2024 19:30:33

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3...

8.1

CVE-2024-23839

  • EPSS 0.21%
  • Veröffentlicht 26.02.2024 16:27:58
  • Zuletzt bearbeitet 19.12.2024 19:38:28

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, specially crafted traffic can cause a heap use after free if the ruleset uses the http.request_header or http.respo...

7.5

CVE-2024-23836

  • EPSS 0.85%
  • Veröffentlicht 26.02.2024 16:27:57
  • Zuletzt bearbeitet 19.12.2024 19:26:20

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricata to use far more CPU and memory for processing th...