1629 matches found
CVE-2026-59674
A UNIX Symbolic Link Symlink Following vulnerability in openSUSE Tumbleweed suricata package allows the suricata user to escalate to root. This issue affects openSUSE Tumbleweed: from ? before 8.0.5-2.1; openSUSE Tumbleweed: from ? before 8.0.5-2.1...
CVE-2026-59674 LPE from suricata user to root due to chown in %post in suricata packaging
A UNIX Symbolic Link Symlink Following vulnerability in openSUSE Tumbleweed suricata package allows the suricata user to escalate to root. This issue affects openSUSE Tumbleweed: from ? before 8.0.5-2.1; openSUSE Tumbleweed: from ? before 8.0.5-2.1...
CVE-2026-59674
CVE-2026-59674 affects openSUSE Tumbleweed surfacing a local privilege escalation in suricata packaging due to a symlink follow vulnerability in the post-install script. Connected details indicate the issue involves the libsuricata8 package (version 8.0.5-2.1 and earlier) and is fixed in 8.0.5-2....
EUVD-2026-43633
A UNIX Symbolic Link Symlink Following vulnerability in openSUSE Tumbleweed suricata package allows the suricata user to escalate to root. This issue affects openSUSE Tumbleweed: from ? before 8.0.5-2.1; openSUSE Tumbleweed: from ? before 8.0.5-2.1...
CVE-2026-59674
A UNIX Symbolic Link Symlink Following vulnerability in openSUSE Tumbleweed suricata package allows the suricata user to escalate to root. This issue affects openSUSE Tumbleweed: from ? before 8.0.5-2.1; openSUSE Tumbleweed: from ? before 8.0.5-2.1...
MGASA-2026-0181 Updated suricata packages fix security vulnerabilities
Various security, performance, accuracy, and stability issues have been fixed, plus we have moved to a supported version...
Updated suricata packages fix security vulnerabilities
Various security, performance, accuracy, and stability issues have been fixed, plus we have moved to a supported version...
Suricata < 7.0.16 Denial of Service Vulnerability
The version of OISF Suricata installed on the remote host is prior to 7.0.16. It is, therefore, affected by a vulnerability: - The Lua TLS certificate information helper could dereference NULL certificate fields when a Lua script requested certificate information for TLS traffic where some...
Suricata 8.x < 8.0.5 Multiple Vulnerabilities
The version of OISF Suricata installed on the remote host is 8.x prior to 8.0.5. It is, therefore, affected by multiple vulnerabilities, including: - LDAP transaction state could store an unbounded number of responses. Because LDAP can be processed over UDP, crafted traffic may cause Suricata to...
Suricata < 7.0.16 / 8.x < 8.0.5 Multiple Vulnerabilities
The version of OISF Suricata installed on the remote host is prior to 7.0.16 or 8.x prior to 8.0.5. It is, therefore, affected by multiple vulnerabilities, including: - A protocol change while processing HTTP/2 traffic could lead to type confusion in Suricata. Crafted traffic may cause Suricata t...
[SECURITY] Fedora 43 Update: suricata-7.0.16-1.fc43
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...
[SECURITY] Fedora 44 Update: suricata-8.0.5-1.fc44
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...
Fedora 44 : suricata (2026-53a00bb643)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-53a00bb643 advisory. Upstream bugfix/security release Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora 43 : suricata (2026-4ec2ec78d6)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-4ec2ec78d6 advisory. Upstream bugfix/security release Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Suricata IDPE 8.0.5
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and...
The vulnerability of the krb5 parser in the Suricata intrusion detection and prevention system allows a perpetrator to trigger a service failure.
The vulnerability of the krb5 parser in the Suricata intrusion detection and prevention system is related to its algorithmic complexity. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the dcerpc parser in the Suricata intrusion detection and prevention system allows a intruder to trigger a service failure.
The vulnerability of the dcerpc parser in the Suricata intrusion detection and prevention system is related to its algorithmic complexity. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service interruptions...
suricata-detections
suricata-detections Network IDS signature development grounde...
Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
Log4Shell Security Lab — nginx + Coraza WAF Mục đích giáo...
Towards Agentic Investigation of Security Alerts
Security analysts are overwhelmed by the volume of alerts and the low context provided by many detection systems. Early-stage investigations typically require manual correlation across multiple log sources, a task that is usually time-consuming. In this paper, we present an experimental, agentic...