CVE-2026-22261 Suricata eve/alert: http1 xff handling can lead to denial of service

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficiencies in xff handling, especially for alerts not triggered in a tx, can lead to severe slowdowns. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, disable XFF support in the eve...

EUVD-2016-1726

Malware in sbrugna...

EUVD-2019-8349

Malware in sbrugna...

EUVD-2019-2115

Malware in sbrugna...

EUVD-2019-2118

Malware in sbrugna...

EUVD-2019-6636

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-7177

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching. CVE-2017-7177 Note that...

Linux Distros Unpatched Vulnerability : CVE-2024-23836

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an...

Linux Distros Unpatched Vulnerability : CVE-2024-32663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, a small amount ...

DEBIAN-CVE-2016-10728

An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error packet is received as the first packet on a flow in the toclient direction, it confuses the rule grouping lookup logic. The toclient inspection will then continue with the wrong rule group. This can lead to missed detection...