
18104 matches found

RedhatCVE
added 2025/11/27 6:54 a.m. | 8 views

CVE-2025-64330

A flaw was found in Suricata. This vulnerability allows a denial of service (DoS) via a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records, requiring the per packet alert queue to be filled with alerts followed by a pass rule...

CVSS 7.5 | AI score 6.5 | EPSS 0.00308
Exploits 0 | References 5
Positive Technologies
added 2025/11/27 12:00 a.m. | 3 views

PT-2025-48241

Name of the Vulnerable Software and Affected Versions: Apache SkyWalking versions prior to 10.3.0. Description: The software contains an Improper Neutralization of Script-Related HTML Tags in a Web Page issue, also known as a Basic Cross-Site Scripting (XSS) flaw. This allows attackers to inject...

CVSS 6.1 | AI score 5.6 | EPSS 0.00614
Exploits 0 | References 16
Circl
added 2025/11/26 11:17 p.m. | 9 views

CVE-2025-66035

creationtimestamp | type | source
---|---|---
2025-11-26 23:17:07+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m6kyg7f3d42u
2025-11-27 02:23:49+00:00 | seen | https://bsky.app/profile/infosec.skyfleet.blue/post/3m6lctzvqqy2s
2025-11-27 22:22:55+00:00 | seen | ...

CVSS 7.7 | AI score 6.3 | EPSS 0.00601
Exploits 0 | References 4
OSV
added 2025/11/26 11:15 p.m. | 7 views

DEBIAN-CVE-2025-64330

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...

CVSS 7.5 | AI score 5.2 | EPSS 0.00308
Exploits 0 | References 1
NVD
added 2025/11/26 11:15 p.m. | 10 views

CVE-2025-64330

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...

CVSS 7.5 | EPSS 0.00308
Exploits 0 | References 2
UbuntuCve
added 2025/11/26 11:15 p.m. | 3 views

CVE-2025-64335

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64data. This issue has been patched in...

CVSS 7.5 | AI score 5.8 | EPSS 0.00346
Exploits 0 | References 4
OSV
added 2025/11/26 11:15 p.m. | 2 views

UBUNTU-CVE-2025-64330

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...

CVSS 7.5 | AI score 5.8 | EPSS 0.00308
Exploits 0 | References 5
CVE
added 2025/11/26 11:03 p.m. | 23 views

CVE-2025-64330

CVE-2025-64330 concerns Suricata, a network IDS/IPS engine. Prior to versions 7.0.13 and 8.0.2, a single-byte read heap overflow during verdict logging in eve.alert/eve.drop can cause crashes when the per-packet alert queue is saturated and a pass rule follows. The issue has been patched in 7.0.1...

CVSS 7.5 | AI score 6.6 | EPSS 0.00308
Exploits 0 | References 2 | Affected Software 1
Cvelist
added 2025/11/26 11:03 p.m. | 9 views

CVE-2025-64330 Suricata is vulnerable to a heap buffer overflow on verdict

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...

CVSS 7.5 | EPSS 0.00308
Exploits 0 | References 2
EUVD
added 2025/11/26 11:03 p.m. | 3 views

EUVD-2025-199772

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...

CVSS 7.5 | AI score 6.4 | EPSS 0.00308
Exploits 0 | References 2
AlpineLinux
added 2025/11/26 11:03 p.m. | 6 views

CVE-2025-64330

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...

CVSS 7.5 | AI score 7 | EPSS 0.00308
Exploits 0
OSV
added 2025/11/26 11:03 p.m. | 6 views

CVE-2025-64330 Suricata is vulnerable to a heap buffer overflow on verdict

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...

CVSS 7.5 | AI score 6.8 | EPSS 0.00308
Exploits 0 | References 4
Debian CVE
added 2025/11/26 11:03 p.m. | 7 views

CVE-2025-64330

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...

CVSS 7.5 | AI score 5.2 | EPSS 0.00308
Exploits 0
Circl
added 2025/11/26 11:03 p.m. | 5 views

CVE-2025-50433

creationtimestamp | type | source
---|---|---
2025-11-26 23:03:32+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m6kxnvqcmi2s...

CVSS 9.8 | AI score 5.8 | EPSS 0.00429
Exploits 2 | References 1
RedhatCVE
added 2025/11/26 5:57 p.m. | 10 views

CVE-2025-13483

SiRcom SMART Alert (SiSA) allows unauthorized access to backend APIs. This allows an unauthenticated attacker to bypass the login screen using browser developer tools, gaining access to restricted parts of the application...

CVSS 8.8 | AI score 7 | EPSS 0.00322
Exploits 0 | References 1
RedhatCVE
added 2025/11/26 4:56 p.m. | 5 views

CVE-2025-64169

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fimalert implementation does not check whether oldsum-md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a...

CVSS 5.1 | AI score 6.8 | EPSS 0.00314
Exploits 1 | References 1
Hacker One
added 2025/11/26 7:35 a.m. | 19 views

curl: runs javascript on powershell when it shouldn't

On Windows, if I run a curl on powershell for a script that should show alert1 it just executes the script when it shouldn't. I did not use AI to find or report this bug. Affected version on CMD I ran curl --version curl 8.16.0 Windows libcurl/8.16.0 Schannel zlib/1.3.1 WinIDN on powershell it...

AI score 6.8
Exploits 0
CNNVD
added 2025/11/26 12:00 a.m. | 4 views

Suricata Security Vulnerability

Suricata is a network IDS, IPS and NSM engine from the Open Information Security Foundation. A security vulnerability exists in Suricata versions prior to 7.0.13 and prior to 8.0.2 that stems from a heap overflow when logging eve.alert and eve.drop, which could lead to a crash...

CVSS 7.5 | AI score 6.5 | EPSS 0.00308
Exploits 0 | References 2
NVD
added 2025/11/25 6:15 p.m. | 3 views

CVE-2025-13483

SiRcom SMART Alert (SiSA) allows unauthorized access to backend APIs. This allows an unauthenticated attacker to bypass the login screen using browser developer tools, gaining access to restricted parts of the application...

CVSS 8.8 | EPSS 0.00322
Exploits 0 | References 1
CVE
added 2025/11/25 5:36 p.m. | 10 views

CVE-2025-13483

SiRcom SMART Alert (SiSA) is affected by a Missing Authentication vulnerability that lets an unauthenticated attacker access backend APIs and bypass the login screen via browser developer tools, gaining access to restricted parts of the application. The CVE-2025-13483 entry notes a high-severity ...

CVSS 8.8 | AI score 6.6 | EPSS 0.00322
Exploits 0 | References 1