Lucene search
K

25 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.7 views

Suricata 8.x < 8.0.5 Multiple Vulnerabilities

The version of OISF Suricata installed on the remote host is 8.x prior to 8.0.5. It is, therefore, affected by multiple vulnerabilities, including: - LDAP transaction state could store an unbounded number of responses. Because LDAP can be processed over UDP, crafted traffic may cause Suricata to...

5.6AI score0.00086EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-31933

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, specially crafted traffic can cause Suricata to slow down, affecting...

7.5CVSS5.8AI score0.00351EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/28 12:25 a.m.6 views

SUSE CVE-2026-22260

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, Suricata can crash with a stack overflow. Version 8.0.3 patches the issue. As a workaround, use default values for request-body-limit and response-body-limit...

7.5CVSS5.9AI score0.00494EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/27 4:17 p.m.5 views

EUVD-2026-4784

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...

7.5CVSS6AI score0.00483EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/11/26 11:3 p.m.7 views

CVE-2025-64330

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...

7.5CVSS5.2AI score0.0032EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-6477

Malware in sbrugna...

7.5CVSS7.5AI score0.01999EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-24150

Malware in sbrugna...

9.8CVSS8.8AI score0.01552EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-2316

Malware in sbrugna...

7.5CVSS8.5AI score0.01562EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-10710

Malicious code in bioql PyPI...

6.2CVSS6.3AI score0.00234EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-16410

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in defrag.c tries to access a memory regi...

9.1CVSS8.1AI score0.02055EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2018-18956

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x before 4.0.6 allows remote attackers to cause a denial of service segfault and daemon crash...

7.5CVSS7.4AI score0.02794EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2018-10244

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can cause the parsing code to read beyond the allocated data becau...

9.8CVSS8.3AI score0.01643EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-10055

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Suricata 4.1.3. The function ftppasvresponse lacks a check for the length of part1 and part2, leading to a crash within the ftp/mod.r...

7.8CVSS7.3AI score0.01445EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2024-55628

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name...

7.5CVSS7.2AI score0.00668EPSS
Exploits0References3
NVD
NVD
added 2025/01/06 6:15 p.m.25 views

CVE-2024-55627

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer...

7.5CVSS0.00984EPSS
Exploits0References5
OSV
OSV
added 2025/01/06 6:4 p.m.18 views

CVE-2024-55629 Suricata generic detection bypass using TCP urgent support

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...

7.5CVSS6.4AI score0.00524EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/01/06 6:4 p.m.16 views

CVE-2024-55629 Suricata generic detection bypass using TCP urgent support

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...

7.5CVSS6.8AI score0.00524EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/01/06 6:2 p.m.39 views

CVE-2024-55628 Suricata oversized resource names utilizing DNS name compression can lead to resource starvation

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log...

7.5CVSS0.00668EPSS
Exploits0References5
OSV
OSV
added 2025/01/06 5:47 p.m.13 views

CVE-2024-55626 Suricata oversized bpf file can lead to buffer overflow

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead to a buffer overflow at Suricata startup. The issue has been addressed in Suricata 7.0.8...

3.3CVSS6.9AI score0.00242EPSS
Exploits0References6
OSV
OSV
added 2025/01/06 5:7 p.m.10 views

CVE-2024-55605 Suricata allows stack overflow in transforms

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large input buffer to the tolowercase, touppercase, stripwhitespace, compresswhitespace, dotprefix, headerlowercase, strippseudoheaders, urldecode, or xor...

7.5CVSS6.9AI score0.00629EPSS
Exploits0References4
Rows per page
Query Builder