[SECURITY] Fedora 43 Update: suricata-7.0.16-1.fc43

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

Fedora 43 : suricata (2026-03583f302f)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-03583f302f advisory. Upstream security/bugfix release Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora: Security Advisory (FEDORA-2025-00748128e3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 43 Update: suricata-7.0.12-1.fc43

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

Fedora: Security Advisory (FEDORA-2025-806d377171)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2018-0138

Malware in sbrugna...

EUVD-2024-52826

Malicious code in bioql PyPI...

EUVD-2024-37398

Malicious code in bioql PyPI...

[SECURITY] Fedora 39 Update: suricata-6.0.20-1.fc39

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

Advisory ROSA-SA-2023-2310

software: hivex 1.3.23 OS: ROSA-CHROME packageevrstring: hivex-1.3.23-4.src.rpm CVE-ID: CVE-2021-3622 BDU-ID: 2021-04419 CVE-Crit: LOW CVE-DESC.: A vulnerability in the getchildren function of the getchildren library for retrieving the contents of Windows hivex registry branches is related to the...

OISF suricata-update unsafely deserializes YAML data

Suricata-Update uses the insecure yaml.load function. Code will be executed if the yaml-file contains lines like: yaml hello: !!python/object/apply:os.system 'ls -l /tmp/output' The vulnerable function can be triggered by "suricata-update list-sources". The locally stored index.yaml will be loade...

GHSA-7C4H-W765-6PWG OISF suricata-update unsafely deserializes YAML data

Suricata-Update uses the insecure yaml.load function. Code will be executed if the yaml-file contains lines like: yaml hello: !!python/object/apply:os.system 'ls -l /tmp/output' The vulnerable function can be triggered by "suricata-update list-sources". The locally stored index.yaml will be loade...

[SECURITY] Fedora 33 Update: suricata-5.0.6-1.fc33

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

MGASA-2020-0401 Updated suricata packages fix security vulnerabilities

The suricata package has been updated to version 4.1.9, which fixes security issues and other bugs. See the upstream announcements for details...

DLA-1603-1 suricata - security update

Bulletin has no description...

[SECURITY] Fedora 29 Update: suricata-4.0.6-1.fc29

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

Remote Code Execution (RCE)

suricata-update is susceptible to remote code execution RCE while loading .yaml file. The vulnerability exists because it uses unsafe yaml.load function, allowing an attacker to load a .yaml file with malicious code, for example, hello: !!python/object/apply:os.system 'ls -l /tmp/output'...

PYSEC-2018-75

OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load-Function as used in the following files: config.py:136, config.py:142, sources.py:99 and sources.py:131. The "list-sources"-command is affected by this bug. that can result in Remote...

Deserialization of untrusted data

OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load-Function as used in the following files: config.py:136, config.py:142, sources.py:99 and sources.py:131. The "list-sources"-command is affected by this bug. that can result in Remote...

CVE-2018-1000167

OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load-Function as used in the following files: config.py:136, config.py:142, sources.py:99 and sources.py:131. The "list-sources"-command is affected by this bug. that can result in Remote...