Lucene search
+L

239 matches found

cve
cve
added 2025/01/06 6:4 p.m.92 views

CVE-2024-55629

CVE-2024-55629 affects Suricata prior to 7.0.8, where TCP urgent data handling could cause data to be analyzed differently than at endpoints, enabling evasions. In IPS mode, administrator can drop urgent-data packets via rules (e.g., tcp.flags:U*). The issue is addressed in Suricata 7.0.8 and lat...

7.5CVSS6.8AI score0.00533EPSS
Exploits0References4Affected Software1
alpinelinux
alpinelinux
added 2025/01/06 6:4 p.m.19 views

CVE-2024-55629

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...

7.5CVSS7AI score0.00533EPSS
Exploits0
debiancve
debiancve
added 2025/01/06 5:47 p.m.36 views

CVE-2024-55626

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead to a buffer overflow at Suricata startup. The issue has been addressed in Suricata 7.0.8...

5.5CVSS8.7AI score0.00242EPSS
Exploits0
debiancve
debiancve
added 2025/01/06 5:7 p.m.15 views

CVE-2024-55605

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large input buffer to the tolowercase, touppercase, stripwhitespace, compresswhitespace, dotprefix, headerlowercase, strippseudoheaders, urldecode, or xor...

7.5CVSS8.6AI score0.0064EPSS
Exploits0
nvd
nvd
added 2024/10/16 7:15 p.m.23 views

CVE-2024-47188

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to byte-range tracking having predictable hash table behavior. This can lead to an attacker...

7.5CVSS0.00283EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/10/16 6:34 p.m.24 views

CVE-2024-45795 Suricata detect/datasets: reachable assertion with unimplemented rule option

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during traffic parsing, leading to denial of service...

7.5CVSS6.9AI score0.00534EPSS
Exploits0References2
cvelist
cvelist
added 2024/10/16 6:34 p.m.32 views

CVE-2024-45795 Suricata detect/datasets: reachable assertion with unimplemented rule option

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during traffic parsing, leading to denial of service...

7.5CVSS0.00534EPSS
Exploits0References2
susecve
susecve
added 2024/10/10 2:48 a.m.3 views

SUSE CVE-2024-46870

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable DMCUB timeout for DCN35 Why DMCUB can intermittently take longer than expected to process commands. Old ASIC policy was to continue while logging a diagnostic error - which works fine for ASIC without IPS...

4.7CVSS7.2AI score0.00131EPSS
Exploits0References13
osv
osv
added 2024/10/09 2:15 p.m.2 views

UBUNTU-CVE-2024-46870

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable DMCUB timeout for DCN35 Why DMCUB can intermittently take longer than expected to process commands. Old ASIC policy was to continue while logging a diagnostic error - which works fine for ASIC without IPS...

4.7CVSS6.1AI score0.00131EPSS
Exploits0References9
nvd
nvd
added 2024/09/25 5:15 p.m.33 views

CVE-2024-20508

A vulnerability in Cisco Unified Threat Defense UTD Snort Intrusion Prevention System IPS Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service DoS condition on an affected device. This vulnerability is...

6.5CVSS0.00417EPSS
Exploits0References1
cvelist
cvelist
added 2024/09/25 4:19 p.m.37 views

CVE-2024-20508 Cisco UTD Snort IPS Engine Software for Cisco IOS XE Software Security Policy Bypass and Denial of Service Vulnerability

A vulnerability in Cisco Unified Threat Defense UTD Snort Intrusion Prevention System IPS Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service DoS condition on an affected device. This vulnerability is...

5.8CVSS0.00417EPSS
Exploits0References1
cisco
cisco
added 2024/09/25 4:0 p.m.12 views

Cisco Unified Threat Defense Snort Intrusion Prevention System Engine for Cisco IOS XE Software Security Policy Bypass and Denial of Service Vulnerability

A vulnerability in Cisco Unified Threat Defense UTD Snort Intrusion Prevention System IPS Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service DoS condition on an affected device. This vulnerability is...

5.8CVSS6.3AI score0.00417EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2024/09/11 12:0 a.m.17 views

The vulnerability of the Suricata intrusion detection and prevention system, related to overflowing buffers in dynamic memory, allows an intruder to trigger a service failure.

The vulnerability of the Suricata intrusion detection and prevention system is related to the overflow of the buffer in the dynamic memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure...

5.3CVSS7.9AI score0.00868EPSS
Exploits0References5Affected Software2
osv
osv
added 2024/07/11 2:54 p.m.20 views

CVE-2024-38536 Suricata http/range: NULL-ptr deref when http.memcap is reached

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A memory allocation failure due to http.memcap being reached leads to a NULL-ptr reference leading to a crash. Upgrade to 7.0.6...

7.5CVSS7.2AI score0.00874EPSS
Exploits1References5
cnnvd
cnnvd
added 2024/06/14 12:0 a.m.2 views

Trellix IPS Manager Security Vulnerability

Trellix IPS Manager is a next-generation IPS for local and virtual networks from FireEye Trellix USA. A security vulnerability exists in Trellix IPS Manager, Central Manager, and Local Manager. An attacker could exploit the vulnerability to obtain sensitive information...

6.8CVSS6.3AI score0.00272EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/06/14 12:0 a.m.3 views

Trellix IPS Manager Code Issue Vulnerability

Trellix IPS Manager is a next-generation IPS for local and virtual networks from FireEye Trellix USA. Trellix IPS Manager suffers from a code issue vulnerability that stems from insecure deserialization. An attacker exploiting this vulnerability could execute arbitrary code...

9.8CVSS7.2AI score0.00929EPSS
Exploits0References2
nessus
nessus
added 2024/05/31 12:0 a.m.20 views

Cisco Firepower Threat Defense Software Snort 3 HTTP Intrusion Prevention System Rule Bypass (cisco-sa-snort3-ips-bypass-uE69KBMd)

According to its self-reported version, Cisco Firepower Threat Defense FTD Software is affected by a vulnerability. - Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System IPS rule engine that could allow an unauthenticated, remote attacker to bypass the...

5.8CVSS5.7AI score0.00366EPSS
Exploits0References5
osv
osv
added 2024/05/22 5:16 p.m.5 views

CVE-2024-20363

Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System IPS rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker coul...

5.8CVSS6.3AI score
Exploits0References1
cve
cve
added 2024/05/22 4:52 p.m.69 views

CVE-2024-20363

CVE-2024-20363 affects multiple Cisco products due to a vulnerability in the Snort 3 IPS rule engine caused by incorrect HTTP packet handling. An unauthenticated, remote attacker can exploit crafted HTTP traffic to bypass configured IPS rules, allowing uninspected traffic onto the network. Affect...

5.8CVSS6.8AI score0.00366EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2024/05/22 12:0 a.m.6 views

PT-2024-4188 · Cisco · Snort Intrusion Prevention System

Name of the Vulnerable Software and Affected Versions: Cisco products affected versions not specified Description: The issue is related to a vulnerability in the Snort Intrusion Prevention System IPS rule engine, which could allow an unauthenticated, remote attacker to bypass the configured rules...

5.8CVSS6.5AI score0.00366EPSS
Exploits0References8
Rows per page
Query Builder