Oisf

Suricata

59 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-28870

  • EPSS 0.46%
  • Veröffentlicht 03.04.2024 22:15:07
  • Zuletzt bearbeitet 28.04.2025 16:43:27

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. When parsing an overly long SSH banner, Suricata can use excessive CPU resources, a...

5.3

CVE-2024-24568

  • EPSS 0.07%
  • Veröffentlicht 26.02.2024 16:27:58
  • Zuletzt bearbeitet 19.12.2024 19:30:33

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3...

8.1

CVE-2024-23839

  • EPSS 0.21%
  • Veröffentlicht 26.02.2024 16:27:58
  • Zuletzt bearbeitet 19.12.2024 19:38:28

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, specially crafted traffic can cause a heap use after free if the ruleset uses the http.request_header or http.respo...

7.5

CVE-2024-23836

  • EPSS 0.85%
  • Veröffentlicht 26.02.2024 16:27:57
  • Zuletzt bearbeitet 19.12.2024 19:26:20

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricata to use far more CPU and memory for processing th...

7.5

CVE-2024-23835

  • EPSS 0.26%
  • Veröffentlicht 26.02.2024 16:27:57
  • Zuletzt bearbeitet 18.12.2024 18:07:03

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.3, excessive memory use during pgsql parsing could lead to OOM-related crashes. This vulnerability is patched...

9.8

CVE-2023-35853

  • EPSS 0.55%
  • Veröffentlicht 19.06.2023 04:15:11
  • Zuletzt bearbeitet 11.12.2024 17:15:13

In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section.

7.5

CVE-2023-35852

  • EPSS 0.58%
  • Veröffentlicht 19.06.2023 04:15:11
  • Zuletzt bearbeitet 03.11.2025 20:16:01

In Suricata before 6.0.13 (when there is an adversary who controls an external source of rules), a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is...

7.5

CVE-2020-19678

Exploit
  • EPSS 0.22%
  • Veröffentlicht 06.04.2023 18:15:08
  • Zuletzt bearbeitet 12.02.2025 16:15:31

Directory Traversal vulnerability found in Pfsense v.2.1.3 and Pfsense Suricata v.1.4.6 pkg v.1.0.1 allows a remote attacker to obtain sensitive information via the file parameter to suricata/suricata_logs_browser.php.

7.5

CVE-2021-45098

Exploit
  • EPSS 0.65%
  • Veröffentlicht 16.12.2021 05:15:08
  • Zuletzt bearbeitet 03.11.2025 20:15:51

An issue was discovered in Suricata before 6.0.4. It is possible to bypass/evade any HTTP-based signature by faking an RST TCP packet with random TCP options of the md5header from the client side. After the three-way handshake, it's possible to injec...

9.8

CVE-2021-37592

  • EPSS 0.14%
  • Veröffentlicht 19.11.2021 15:15:08
  • Zuletzt bearbeitet 21.11.2024 06:15:28

Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that can send a certain sequence of segments.