11 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-64344
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 an...
DEBIAN-CVE-2025-64344
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected wh...
CVE-2025-64344
CVE-2025-64344 affects Suricata, an IDS/IPS/NSM engine. The issue is a stack overflow caused by unbounded stack allocation when processing large buffers in Lua scripts (LuaPushStringBuffer), potentially triggered by large buffers in Lua rules or output scripts. Affected versions are prior to 7.0....
CVE-2025-64344 Suricata is vulnerable to a stack overflow from unbounded stack allocation in LuaPushStringBuffer
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected wh...
CVE-2025-64344
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected wh...
CVE-2025-64344
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected wh...
DEBIAN-CVE-2023-35853
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section...
UBUNTU-CVE-2023-35853
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section...
CVE-2023-35853
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section...
PT-2023-6099 · Suricata +2 · Suricata +2
Name of the Vulnerable Software and Affected Versions: Suricata versions prior to 6.0.13 Description: The issue is related to insufficient input validation in the Suricata intrusion detection and prevention system. It may allow a remote attacker to execute arbitrary code. An adversary who control...
lua-resty-waf
It is an offensive tool for web application firewalls WAFs. The repository, huangjacky/lua-resty-waf, contains a high-performance WAF built on the OpenResty stack. The tool is designed to protect against various types of attacks, including HTTP violations, HTTP anomalies, SQL injection, and gener...