229 matches found
DYNAMITE: Dynamic Defense Selection for Enhancing Machine Learning-Based Intrusion Detection against Adversarial Attacks
The rapid proliferation of the Internet of Things IoT has introduced substantial security vulnerabilities, highlighting the need for robust Intrusion Detection Systems IDS. Machine learning-based intrusion detection systems ML-IDS have significantly improved threat detection capabilities; however...
CVE-2025-29918 Suricata pcre: negated pcr can cause infinite loop
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. Packet processing thread becomes stuck in infinite loop limiting visibility and availability i...
CVE-2025-29915
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AFPACKET defrag option is enabled by default and allows AFPACKET to re-assemble fragmented packets before reaching Suricata. However the default packet size in Suricata is bas...
CVE-2025-29915 Suricata af-packet: defrag option can lead to truncated packets affecting visibility
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AFPACKET defrag option is enabled by default and allows AFPACKET to re-assemble fragmented packets before reaching Suricata. However the default packet size in Suricata is bas...
The vulnerability of the Suricata intrusion detection and prevention system, due to insufficient validation of input data, allows attackers to bypass security restrictions and execute arbitrary codes.
The vulnerability of the Suricata intrusion detection and prevention system is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to bypass security restrictions and execute arbitrary code...
Linux Distros Unpatched Vulnerability : CVE-2024-55628
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name...
Linux Distros Unpatched Vulnerability : CVE-2024-45795
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datase...
Linux Distros Unpatched Vulnerability : CVE-2024-37151
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets...
MAL-2025-1495 Malicious code in react-native-android-library-simpl-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4460dc946645a2b0bcd6489a7ae7a24c7c2803c369d27f2efa3de46ab7735558 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55628
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log...
CVE-2024-55629 Suricata generic detection bypass using TCP urgent support
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629 Suricata generic detection bypass using TCP urgent support
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629
CVE-2024-55629 affects Suricata prior to 7.0.8, where TCP urgent data handling could cause data to be analyzed differently than at endpoints, enabling evasions. In IPS mode, administrator can drop urgent-data packets via rules (e.g., tcp.flags:U*). The issue is addressed in Suricata 7.0.8 and lat...
CVE-2024-55629 Suricata generic detection bypass using TCP urgent support
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55628
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log...
CVE-2024-55628 Suricata oversized resource names utilizing DNS name compression can lead to resource starvation
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log...
CVE-2024-55628
Suricata is affected by CVE-2024-55628 due to DNS resource name compression before version 7.0.8, which can produce small DNS messages with very large hostnames and generate oversized log records. The issue has been addressed in Suricata 7.0.8 and later. (Supported by PTSecurity/PT-2025-48205, PT...
CVE-2024-55627
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer...