CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-37592
https://notcve.org/view.php?id=CVE-2021-37592
19 Nov 2021 — Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that can send a certain sequence of segments. Suricata versiones anteriores a 5.0.8 y versiones 6.x anteriores a 6.0.4, permite una evasión de TCP por medio de un cliente con una pila TCP/IP diseñada que puede enviar una determinada secuencia de segmentos • https://forum.suricata.io/t/suricata-6-0-4-and-5-0-8-released/1942 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-35063
https://notcve.org/view.php?id=CVE-2021-35063
22 Jul 2021 — Suricata before 5.0.7 and 6.x before 6.0.3 has a "critical evasion." Suricata versiones anteriores a 5.0.7 y versiones 6.x anteriores a 6.0.3, presenta una "evasión crítica" • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990835 •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-17420
https://notcve.org/view.php?id=CVE-2019-17420
09 Oct 2019 — In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending. En OISF LibHTP versiones anteriores a 0.5.31, como es usado en Suricata versión 4.1.4 y otros productos, un error de análisis del protocolo HTTP hace que la firma http_header no avise en una respuesta con un solo \r\n al final. • https://github.com/OISF/libhtp/compare/0.5.30...0.5.31 • CWE-459: Incomplete Cleanup •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-1010279
https://notcve.org/view.php?id=CVE-2019-1010279
18 Jul 2019 — Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed sequence of network packets. The component is: detect.c (https://github.com/OISF/suricata/pull/3625/commits/d8634daf74c882356659addb65fb142b738a186b). The attack vector is: An attacker can trigger the vulnerability by a specifically crafted network TCP session. The fixed version is: 4.1.3. • https://github.com/OISF/suricata/pull/3625 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-1010251
https://notcve.org/view.php?id=CVE-2019-1010251
18 Jul 2019 — Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed network packet. The component is: app-layer-detect-proto.c, decode.c, decode-teredo.c and decode-ipv6.c (https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe, https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b). The attack ... • https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10050
https://notcve.org/view.php?id=CVE-2019-10050
13 May 2019 — A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address plus the correct type field and the right number for shim, an attacker can manipulate the control flow, such that the condition to leave the loop is true. After leaving the loop, the network packet has a length of 2 bytes. There is no validation of this length. Later on, the code tries to read at an empty position... • https://lists.openinfosecfoundation.org/pipermail/oisf-announce • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 1CVE-2018-1000167
https://notcve.org/view.php?id=CVE-2018-1000167
18 Apr 2018 — OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load-Function as used in the following files: config.py:136, config.py:142, sources.py:99 and sources.py:131. The "list-sources"-command is affected by this bug. that can result in Remote Code Execution(even as root if suricata-update is called by root). This attack appears to be exploitable via a specially crafted yaml-file at https://www.openinfosecfoundation.org/rules/index.yaml. This vulnerabilit... • https://redmine.openinfosecfoundation.org/issues/2359 • CWE-502: Deserialization of Untrusted Data •