| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDORS | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2024-02-26 | CVE-2024-23835 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products | Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. | network | low | oisf, fedoraproject | CWE-770 | 7.5 |
| 2024-02-26 | CVE-2024-23836 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products | Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. | network | low | oisf, fedoraproject | CWE-770 | 7.5 |
| 2024-02-26 | CVE-2024-23839 | Use After Free vulnerability in multiple products | Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. | network | high | oisf, fedoraproject | CWE-416 | 8.1 |
| 2023-06-19 | CVE-2023-35852 | Path Traversal vulnerability in Oisf Suricata | In Suricata before 6.0.13 (when there is an adversary who controls an external source of rules), a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. | network | low | oisf | CWE-22 | 7.5 |
| 2023-04-06 | CVE-2020-19678 | Path Traversal vulnerability in multiple products | Directory Traversal vulnerability found in Pfsense v.2.1.3 and Pfsense Suricata v.1.4.6 pkg v.1.0.1 allows a remote attacker to obtain sensitive information via the file parameter to suricata/suricata_logs_browser.php. | network | low | oisf, pfsense | CWE-22 | 7.5 |
| 2021-12-16 | CVE-2021-45098 | An issue was discovered in Suricata before 6.0.4. | | network | low | oisf, debian | | 7.5 |
| 2021-07-22 | CVE-2021-35063 | Suricata before 5.0.7 and 6.x before 6.0.3 has a "critical evasion." | | network | low | oisf, debian, fedoraproject | | 7.5 |
| 2020-01-06 | CVE-2019-18625 | An issue was discovered in Suricata 5.0.0. | | network | low | oisf, debian | | 7.5 |
| 2019-07-18 | CVE-2019-1010279 | Improper Verification of Cryptographic Signature vulnerability in Oisf Suricata | Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. | network | low | oisf | CWE-347 | 7.5 |
| 2019-07-18 | CVE-2019-1010251 | Improper Input Validation vulnerability in Oisf Suricata | Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. | network | low | oisf | CWE-20 | 7.5 |