Vulnerabilities > Snort > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-01 | CVE-2023-20246 | Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. | 5.3 |
2021-04-29 | CVE-2021-1495 | Improper Handling of Exceptional Conditions vulnerability in multiple products Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. | 5.3 |
2021-01-13 | CVE-2021-1236 | Always-Incorrect Control Flow Implementation vulnerability in multiple products Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. | 5.3 |
2021-01-13 | CVE-2021-1224 | Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. | 5.3 |
2020-10-21 | CVE-2020-3299 | Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. | 5.8 |
2017-01-23 | CVE-2016-1417 | Untrusted Search Path vulnerability in Snort 2.9.7.0 Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tcapi.dll that is located in the same folder on a remote file share as a pcap file that is being processed. | 6.8 |
2009-10-28 | CVE-2009-3641 | Denial Of Service vulnerability in Snort Snort before 2.8.5.1, when the -v option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted IPv6 packet that uses the (1) TCP or (2) ICMP protocol. network snort | 4.3 |
2008-05-22 | CVE-2008-1804 | Unspecified vulnerability in Snort preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment. network snort | 6.8 |
2007-01-16 | CVE-2006-6931 | Denial of Service vulnerability in Snort Backtracking Algorithmic complexity vulnerability in Snort before 2.6.1, during predicate evaluation in rule matching for certain rules, allows remote attackers to cause a denial of service (CPU consumption and detection outage) via crafted network traffic, aka a "backtracking attack." | 5.0 |
2001-12-31 | CVE-2001-1558 | Denial-Of-Service vulnerability in Snort 1.8.0/1.8.1/1.8.2 Unknown vulnerability in IP defragmenter (frag2) in Snort before 1.8.3 allows attackers to cause a denial of service (crash). | 5.0 |