Vulnerabilities > Oisf > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-06-19 CVE-2023-35853 Unspecified vulnerability in Oisf Suricata
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code.
network
low complexity
oisf
critical
 9.8
9.8
2021-11-19 CVE-2021-37592 Out-of-bounds Write vulnerability in Oisf Suricata
Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that can send a certain sequence of segments.
network
low complexity
oisf CWE-787
critical
 9.8
9.8
2020-01-06 CVE-2019-18792 Interpretation Conflict vulnerability in multiple products
An issue was discovered in Suricata 5.0.0.
network
low complexity
oisf debian CWE-436
critical
 9.1
9.1
2019-04-04 CVE-2018-10244 Integer Overflow or Wraparound vulnerability in Oisf Suricata 4.0.4
Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU.
network
low complexity
oisf CWE-190
critical
 9.8
9.8
2019-04-04 CVE-2018-10243 Out-of-bounds Read vulnerability in Oisf Libhtp 0.5.26
htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header.
network
low complexity
oisf CWE-125
critical
 9.8
9.8