Oisf

Suricata

59 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-47187

  • EPSS 0.06%
  • Veröffentlicht 16.10.2024 19:15:27
  • Zuletzt bearbeitet 22.10.2024 13:48:59

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to datasets having predictable hash table behavi...

5.3

CVE-2024-45796

  • EPSS 0.26%
  • Veröffentlicht 16.10.2024 19:15:26
  • Zuletzt bearbeitet 03.11.2025 20:16:31

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, a logic error during fragment reassembly can lead to failed reassembly for valid traffic. An attacker could ...

7.5

CVE-2024-45795

  • EPSS 0.88%
  • Veröffentlicht 16.10.2024 19:15:26
  • Zuletzt bearbeitet 22.10.2024 13:35:50

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during ...

7.5

CVE-2024-38536

Exploit
  • EPSS 0.59%
  • Veröffentlicht 11.07.2024 15:15:12
  • Zuletzt bearbeitet 21.11.2024 09:26:15

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A memory allocation failure due to `http.memcap` being reached leads to a NULL-ptr reference leading to a crash. Upgrade to 7.0.6.

7.5

CVE-2024-38535

  • EPSS 1.06%
  • Veröffentlicht 11.07.2024 15:15:12
  • Zuletzt bearbeitet 21.11.2024 09:26:14

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6.

7.5

CVE-2024-38534

  • EPSS 0.64%
  • Veröffentlicht 11.07.2024 15:15:12
  • Zuletzt bearbeitet 21.11.2024 09:26:14

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Crafted modbus traffic can lead to unlimited resource accumulation within a flow. Upgrade to 7.0.6. Set a limited stream.reassembly....

7.5

CVE-2024-37151

  • EPSS 0.49%
  • Veröffentlicht 11.07.2024 15:15:11
  • Zuletzt bearbeitet 03.11.2025 20:16:19

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to poli...

5.3

CVE-2024-32867

  • EPSS 0.63%
  • Veröffentlicht 07.05.2024 15:15:09
  • Zuletzt bearbeitet 19.12.2024 19:48:46

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. Th...

7.3

CVE-2024-32664

  • EPSS 0.33%
  • Veröffentlicht 07.05.2024 15:15:08
  • Zuletzt bearbeitet 19.12.2024 19:46:05

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, specially crafted traffic or datasets can cause a limited buffer overflow. This vulnerability is fixed in...

7.5

CVE-2024-32663

  • EPSS 0.28%
  • Veröffentlicht 07.05.2024 15:15:08
  • Zuletzt bearbeitet 03.11.2025 20:16:12

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, a small amount of HTTP/2 traffic can lead to Suricata using a large amount of memory. The issue has been ...