Vulnerabilities > Oisf

DATE CVE VULNERABILITY TITLE RISK
2021-11-19 CVE-2021-37592 Out-of-bounds Write vulnerability in Oisf Suricata
Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that can send a certain sequence of segments.
network
low complexity
oisf CWE-787
critical
9.8
2021-07-22 CVE-2021-35063 Suricata before 5.0.7 and 6.x before 6.0.3 has a "critical evasion."
network
low complexity
oisf debian fedoraproject
7.5
2020-01-06 CVE-2019-18625 An issue was discovered in Suricata 5.0.0.
network
low complexity
oisf debian
7.5
2020-01-06 CVE-2019-18792 Interpretation Conflict vulnerability in multiple products
An issue was discovered in Suricata 5.0.0.
network
low complexity
oisf debian CWE-436
critical
9.1
2019-10-10 CVE-2019-17420 Incomplete Cleanup vulnerability in multiple products
In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.
network
low complexity
suricata-ids oisf CWE-459
5.3
2019-07-18 CVE-2019-1010279 Improper Verification of Cryptographic Signature vulnerability in Oisf Suricata
Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass.
network
low complexity
oisf CWE-347
7.5
2019-07-18 CVE-2019-1010251 Improper Input Validation vulnerability in Oisf Suricata
Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass.
network
low complexity
oisf CWE-20
7.5
2019-05-13 CVE-2019-10050 Out-of-bounds Read vulnerability in Oisf Suricata
A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4.
network
low complexity
oisf CWE-125
7.5
2019-04-04 CVE-2018-10244 Integer Overflow or Wraparound vulnerability in Oisf Suricata 4.0.4
Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU.
network
low complexity
oisf CWE-190
critical
9.8
2019-04-04 CVE-2018-10243 Out-of-bounds Read vulnerability in Oisf Libhtp 0.5.26
htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header.
network
low complexity
oisf CWE-125
critical
9.8