Vulnerabilities > Oisf > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-06 | CVE-2020-19678 | Path Traversal vulnerability in multiple products Directory Traversal vulnerability found in Pfsense v.2.1.3 and Pfsense Suricata v.1.4.6 pkg v.1.0.1 allows a remote attacker to obtain sensitive information via the file parameter to suricata/suricata_logs_browser.php. | 7.5 |
| 2021-12-16 | CVE-2021-45098 | An issue was discovered in Suricata before 6.0.4. | 7.5 |
| 2021-07-22 | CVE-2021-35063 | Suricata before 5.0.7 and 6.x before 6.0.3 has a "critical evasion." | 7.5 |
| 2020-01-06 | CVE-2019-18625 | An issue was discovered in Suricata 5.0.0. | 7.5 |
| 2019-07-18 | CVE-2019-1010279 | Improper Verification of Cryptographic Signature vulnerability in Oisf Suricata Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. | 7.5 |
| 2019-07-18 | CVE-2019-1010251 | Improper Input Validation vulnerability in Oisf Suricata Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. | 7.5 |
| 2019-05-13 | CVE-2019-10050 | Out-of-bounds Read vulnerability in Oisf Suricata A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. | 7.5 |
| 2019-04-04 | CVE-2018-10242 | Out-of-bounds Read vulnerability in multiple products Suricata version 4.0.4 incorrectly handles the parsing of the SSH banner. | 7.5 |
| 2018-04-18 | CVE-2018-1000167 | Deserialization of Untrusted Data vulnerability in Oisf Suricata-Update 1.0.0A1 OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load-Function as used in the following files: config.py:136, config.py:142, sources.py:99 and sources.py:131. | 7.8 |
| 2017-08-28 | CVE-2015-0928 | NULL Pointer Dereference vulnerability in Oisf Libhtp 0.5.15 libhtp 0.5.15 allows remote attackers to cause a denial of service (NULL pointer dereference). | 7.5 |