Vulnerabilities > Oisf > Critical

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-19 | CVE-2023-35853 | Unspecified vulnerability in Oisf Suricata: In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. | network, low complexity, oisf, critical, 9.8 |
| 2020-01-06 | CVE-2019-18792 | Interpretation Conflict vulnerability in multiple products: An issue was discovered in Suricata 5.0.0. | network, low complexity, oisf, debian, CWE-436, critical, 9.1 |
| 2019-04-04 | CVE-2018-10244 | Integer Overflow or Wraparound vulnerability in Oisf Suricata 4.0.4: Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. | network, low complexity, oisf, CWE-190, critical, 9.8 |
| 2018-04-18 | CVE-2018-1000167 | Deserialization of Untrusted Data vulnerability in Oisf Suricata-Update 1.0.0A1: OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load-Function as used in the following files: config.py:136, config.py:142, sources.py:99 and sources.py:131. | network, oisf, CWE-502, critical, 9.3 |