CVE-2026-22262

Suricata is a network IDS, IPS and NSM engine. While saving a dataset a stack buffer is used to prepare the data. Prior to versions 8.0.3 and 7.0.14, if the data in the dataset is too large, this can result in a stack overflow. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, do not us...

UBUNTU-CVE-2024-47187

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to datasets having predictable hash table behavior. This can lead to dataset file loading to us...

CVE-2024-47187 Suricata datasets: missing hashtable random seed leads to potential DoS

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to datasets having predictable hash table behavior. This can lead to dataset file loading to us...

UBUNTU-CVE-2023-35852

In Suricata before 6.0.13 when there is an adversary who controls an external source of rules, a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring...

Data Warehouse Permission issues

Cause MP Version 8 uses dataset rules to collect host security profiles and snapshots. When a collector is installed on an agent, there is no issue. The data is forwarded to Management Server and written to DW under the DW account. When a collector runs on a Management Server which is our use cas...