Suricata Security Vulnerabilities and Issues — Suricata CVE List

Lucene search

OisfSuricata

5 matches found

CVE•added 2019/07/18 7:15 p.m.•75 views

CVE-2019-1010279

Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed sequence of network packets. The component is: detect.c (https://github.com/OISF/suri...

7.5CVSS7.4AI score0.0025EPSS

CVE•added 2019/07/18 6:15 p.m.•52 views

CVE-2019-1010251

Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed network packet. The component is: app-layer-detect-proto.c, decode.c, decode-teredo.c and ...

7.5CVSS7.3AI score0.00397EPSS

CVE•added 2019/04/04 3:29 p.m.•51 views

CVE-2018-10242

Suricata version 4.0.4 incorrectly handles the parsing of the SSH banner. A malformed SSH banner can cause the parsing code to read beyond the allocated data because SSHParseBanner in app-layer-ssh.c lacks a length check.

7.5CVSS8.2AI score0.00413EPSS

CVE•added 2019/04/04 4:29 p.m.•44 views

CVE-2018-10244

Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can cause the parsing code to read beyond the allocated data because DecodeENIPPDU in app-layer-enip-commmon.c has an integer overflow during a length check.

9.8CVSS9.2AI score0.00668EPSS

CVE•added 2019/05/13 5:29 p.m.•42 views

CVE-2019-10050

A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address plus the correct type field and the right number for shim, an attacker can manipulate the control flow...

7.5CVSS7.5AI score0.00468EPSS