Lucene search
K

26 matches found

Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.4 views

PT-2026-28501

Name of the Vulnerable Software and Affected Versions ClearanceKit versions prior to 4.2.4 Description ClearanceKit monitors file system access events on macOS and enforces access policies on a per-process basis. Before version 4.2.4, two file operation event types—ES EVENT TYPE AUTH EXCHANGEDATA...

8.4CVSS5.9AI score0.00101EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-1206

Malware in sbrugna...

8.6CVSS8.6AI score0.03026EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-10527

Malware in sbrugna...

7.5CVSS6.7AI score0.01493EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-6690

Malicious code in bioql PyPI...

7.5CVSS6AI score0.01985EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 9:17 p.m.9 views

CVE-2021-1494

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this...

5.8CVSS6.8AI score0.01072EPSS
Exploits0References1
OSV
OSV
added 2024/05/22 5:16 p.m.4 views

CVE-2024-20261

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a...

5.8CVSS5.8AI score0.0037EPSS
Exploits0References1
Veracode
Veracode
added 2023/03/11 12:24 a.m.15 views

File Policy Bypass

snort is vulnerable to File Policy Bypass. The vulnerability exists due to incorrect handling of specific HTTP header parameters, which allows an attacker to bypass the configured file policy for HTTP packets and deliver a malicious payload by sending maliciously crafted HTTP packets...

5.8CVSS6.8AI score0.01072EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/02/18 12:0 a.m.38 views

Debian DSA-5354-1 : snort - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5354 advisory. Multiple security vulnerabilities were discovered in snort, a flexible Network Intrusion Detection System, which could allow an unauthenticated, remote attacker t...

8.6CVSS6.2AI score0.02367EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2021/05/28 12:0 a.m.42 views

Cisco Firepower Threat Defence Snort HTTP Detection Engine File Policy Bypass (cisco-sa-http-fp-bp-KfDdcQhc)

According to its self-reported version, Cisco IOS XE is affected by a vulnerability in the Snort detection engine due to a flaw in the handling of HTTP header parameters. An unauthenticated, remote attacker can exploit this by sending crafted HTTP packets through an affected device. A successful...

5.8CVSS5.8AI score0.01714EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2021/05/28 12:0 a.m.46 views

Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass (cisco-sa-http-fp-bp-KfDdcQhc)

According to its self-reported version, Cisco IOS XE is affected by a vulnerability in the Snort detection engine due to a flaw in the handling of HTTP header parameters. An unauthenticated, remote attacker can exploit this by sending crafted HTTP packets through an affected device. A successful...

5.8CVSS5.8AI score0.01714EPSS
Exploits0References7
OSV
OSV
added 2021/04/29 6:15 p.m.3 views

UBUNTU-CVE-2021-1495

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this...

5.8CVSS6.2AI score0.01714EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/04/29 5:31 p.m.37 views

CVE-2021-1495 Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this...

5.8CVSS6.9AI score0.01714EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/02/04 12:0 a.m.86 views

Cisco Integrated Services Routers 1000/4000 Series HTTP Detection Engine File Policy Bypass (cisco-sa-snort-filepolbypass-67DEwMe2)

According to its version and configuration, the Cisco Software running on the remote Integrated Services Router device is affected by affected by a file policy bypass vulnerability due to the incorrect handling of a HTTP range header. An unauthenticated, remote attacker could send a carefully...

7.5CVSS6.4AI score0.01985EPSS
Exploits0References3
OSV
OSV
added 2021/01/13 10:15 p.m.3 views

UBUNTU-CVE-2021-1223

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this...

7.5CVSS6.2AI score0.01985EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/01/13 9:16 p.m.27 views

CVE-2021-1224 Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability

Multiple Cisco products are affected by a vulnerability with TCP Fast Open TFO when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP...

5.8CVSS7.1AI score0.02005EPSS
Exploits0References3
Cisco
Cisco
added 2021/01/13 4:0 p.m.50 views

Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability

Multiple Cisco products are affected by a vulnerability with TCP Fast Open TFO when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP...

5.8CVSS6.5AI score0.02005EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/01/13 12:0 a.m.2 views

PT-2021-1770 · Cisco +1 · Snort +1

Name of the Vulnerable Software and Affected Versions: Cisco products affected versions not specified Description: The issue is related to a vulnerability in the Snort detection engine, which could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. This is due ...

8.6CVSS5.6AI score0.02367EPSS
Exploits0References43
OSV
OSV
added 2020/10/21 7:15 p.m.2 views

CVE-2020-3299

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...

5.8CVSS6.2AI score0.02279EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/09/04 12:0 a.m.36 views

Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass (cisco-sa-snort_filepolbypass-m4X5DgOP)

According to its self-reported version, Cisco IOS XE SD-WAN Software is affected by vulnerability in the Snort detection engine. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An unauthenticated, remote attacker can exploit this vulnerability...

5.8CVSS5.8AI score0.02156EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/09/04 12:0 a.m.35 views

Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass (cisco-sa-snort_filepolbypass-m4X5DgOP)

According to its self-reported version, Cisco Firepower Threat Defense Software is affected by vulnerability in the Snort detection engine. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An unauthenticated, remote attacker can exploit this...

5.8CVSS5.8AI score0.02156EPSS
Exploits0References4
Rows per page
Query Builder