
34184 matches found

EUVD
added 2025/11/26 10:57 p.m., 7 views

EUVD-2025-199775

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a large HTTP content type, when logged, can cause a stack overflow, crashing Suricata. This issue has been patched in versions...

CVSS: 7.5, AI score: 6.3, EPSS: 0.00278
Exploits: 0, References: 1
AlpineLinux
added 2025/11/26 10:57 p.m., 3 views

CVE-2025-64333

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a large HTTP content type, when logged, can cause a stack overflow, crashing Suricata. This issue has been patched in versions...

CVSS: 7.5, AI score: 6.8, EPSS: 0.00278
Exploits: 0
Debian CVE
added 2025/11/26 10:57 p.m., 9 views

CVE-2025-64333

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a large HTTP content type, when logged, can cause a stack overflow, crashing Suricata. This issue has been patched in versions...

CVSS: 7.5, AI score: 5.3, EPSS: 0.00278
Exploits: 0
CVE
added 2025/11/26 10:57 p.m., 19 views

CVE-2025-64333

CVE-2025-64333 : Suricata before 7.0.13 and 8.0.2 can stack overflow when logging a large HTTP content type; patched in 7.0.13/8.0.2. Workarounds include limiting stream.reassembly.depth to less than half the stack size; increasing process stack size reduces trigger likelihood.

CVSS: 7.5, AI score: 6.4, EPSS: 0.00278
Exploits: 0, References: 1, Affected Software: 1
OSV
added 2025/11/26 10:57 p.m., 7 views

CVE-2025-64333 Suricata is vulnerable to a stack overflow from big content-type

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a large HTTP content type, when logged, can cause a stack overflow, crashing Suricata. This issue has been patched in versions...

CVSS: 7.5, AI score: 6.7, EPSS: 0.00278
Exploits: 0, References: 3
CNNVD
added 2025/11/26 12:0 a.m., 4 views

Suricata security vulnerability

Suricata is a network IDS, IPS and NSM engine from the Open Information Security Foundation. A security vulnerability exists in Suricata versions prior to 7.0.13 and prior to 8.0.2, which stems from a stack overflow in a Lua script that handles large buffers, potentially causing a crash...

CVSS: 7.5, AI score: 6.6, EPSS: 0.00306
Exploits: 0, References: 2
CNNVD
added 2025/11/26 12:0 a.m., 3 views

Suricata security vulnerability

Suricata is a network IDS, IPS and NSM engine from the Open Information Security Foundation. A security vulnerability exists in Suricata versions prior to 7.0.13 and prior to 8.0.2, which stems from a stack overflow when logging large HTTP content types, potentially resulting in a crash...

CVSS: 7.5, AI score: 6.5, EPSS: 0.00278
Exploits: 0, References: 1
CNNVD
added 2025/11/26 12:0 a.m., 8 views

Suricata security vulnerability

Suricata is a network IDS, IPS and NSM engine from the Open Information Security Foundation. A security vulnerability exists in Suricata versions prior to 7.0.13 and prior to 8.0.2, which stems from a stack overflow when SWF decompression is enabled, potentially resulting in a crash...

CVSS: 7.5, AI score: 6.5, EPSS: 0.0032
Exploits: 0, References: 2
CNNVD
added 2025/11/26 12:0 a.m., 5 views

Suricata security vulnerability

Suricata is a network IDS, IPS and NSM engine from the Open Information Security Foundation. A security vulnerability exists in Suricata versions prior to 7.0.13 and prior to 8.0.2, which stems from a stack overflow during large HTTP file transfers that could lead to a crash...

CVSS: 7.5, AI score: 6.5, EPSS: 0.00278
Exploits: 0, References: 1
Positive Technologies
added 2025/11/26 12:0 a.m., 3 views

PT-2025-48204

Name of the Vulnerable Software and Affected Versions: Suricata versions prior to 7.0.13; Suricata versions prior to 8.0.2. Description: Suricata is a network IDS, IPS and NSM engine. A stack overflow can occur during large HTTP file transfers if the HTTP response body limit is increased and logging ...

CVSS: 7.5, AI score: 6.8, EPSS: 0.00278
Exploits: 0, References: 4
Positive Technologies
added 2025/11/26 12:0 a.m., 6 views

PT-2025-48207

Name of the Vulnerable Software and Affected Versions: Suricata versions prior to 7.0.13; Suricata versions prior to 8.0.2. Description: Suricata is a network IDS, IPS and NSM engine. Processing large buffers in Lua scripts before versions 7.0.13 and 8.0.2 can lead to a stack overflow. Users utilizin...

CVSS: 7.5, AI score: 6.7, EPSS: 0.00306
Exploits: 0, References: 6
OSV
added 2025/11/25 10:18 p.m., 4 views

JLSEC-2025-281 A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service...

CVSS: 6.1, AI score: 7, EPSS: 0.00532
Exploits: 1, References: 8
OSV
added 2025/11/25 10:18 p.m., 2 views

JLSEC-2025-275 A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0

A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities...

CVSS: 6.5, AI score: 7, EPSS: 0.01378
Exploits: 1, References: 6
OSV
added 2025/11/25 10:18 p.m., 2 views

JLSEC-2025-321 A vulnerability was determined in LibTIFF up to 4.5.1

A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is...

CVSS: 5.3, AI score: 6.9, EPSS: 0.00162
Exploits: 0, References: 5
Japan Vulnerability Notes
added 2025/11/25 8:17 a.m., 5 views

Multiple vulnerabilities in Security Point (Windows) of MaLion

Overview: Security Point (Windows) of MaLion provided by Intercom, Inc. contains multiple vulnerabilities listed below. Incorrect default permissions (CWE-276) - CVE-2025-59485; Stack-based buffer overflow in processing HTTP headers (CWE-121) - CVE-2025-62691; Heap-based buffer overflow in processing...

CVSS: 9.8, AI score: 8.6, EPSS: 0.00593
Exploits: 0, References: 6
NVD
added 2025/11/25 8:15 a.m., 4 views

CVE-2025-59365

A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the 'Security Update for ASUS Router Firmware' section on the...

CVSS: 6.9, EPSS: 0.00386
Exploits: 0, References: 1
RedHat Linux
added 2025/11/25 8:3 a.m., 0 views

libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...

CVSS: 7.5, AI score: 7.4, EPSS: 0.01569
Exploits: 0, References: 6
RedHat Linux
added 2025/11/25 7:36 a.m., 4 views

libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...

CVSS: 7.5, AI score: 7.4, EPSS: 0.01569
Exploits: 0, References: 6
CVE
added 2025/11/25 7:27 a.m., 13 views

CVE-2025-59365

CVE-2025-59365 corresponds to a stack buffer overflow in ASUS Router firmware affecting certain router models. According to PT-2025-48016, the issue is triggered by an authenticated attacker sending a specially crafted request, potentially causing a denial of service and impacting device availabi...

CVSS: 6.9, AI score: 6.8, EPSS: 0.00386
Exploits: 0, References: 1
Cvelist
added 2025/11/25 7:27 a.m., 5 views

CVE-2025-59365

A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the 'Security Update for ASUS Router Firmware' section on the...

CVSS: 6.9, EPSS: 0.00386
Exploits: 0, References: 1