Vulnerabilities > Oisf

DATE CVE VULNERABILITY TITLE RISK
2019-04-04 CVE-2018-10244 Integer Overflow or Wraparound vulnerability in Oisf Suricata 4.0.4
Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU.
network
low complexity
oisf CWE-190
critical
9.8
2019-04-04 CVE-2018-10243 Out-of-bounds Read vulnerability in Oisf Libhtp 0.5.26
htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header.
network
low complexity
oisf CWE-125
7.5
2019-04-04 CVE-2018-10242 Out-of-bounds Read vulnerability in multiple products
Suricata version 4.0.4 incorrectly handles the parsing of the SSH banner.
network
low complexity
oisf debian CWE-125
7.5
2018-04-18 CVE-2018-1000167 Deserialization of Untrusted Data vulnerability in Oisf Suricata-Update 1.0.0A1
OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load-Function as used in the following files: config.py:136, config.py:142, sources.py:99 and sources.py:131.
network
oisf CWE-502
critical
9.3
2017-08-28 CVE-2015-0928 NULL Pointer Dereference vulnerability in Oisf Libhtp 0.5.15
libhtp 0.5.15 allows remote attackers to cause a denial of service (NULL pointer dereference).
network
low complexity
oisf CWE-476
5.0