Vulnerabilities > Snort > Snort > 2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-29 | CVE-2021-1495 | Improper Handling of Exceptional Conditions vulnerability in multiple products Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. | 5.3 |
| 2021-01-13 | CVE-2021-1236 | Always-Incorrect Control Flow Implementation vulnerability in multiple products Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. | 5.3 |
| 2021-01-13 | CVE-2021-1224 | Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. | 5.3 |
| 2021-01-13 | CVE-2021-1223 | Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. | 7.5 |
| 2020-10-21 | CVE-2020-3299 | Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. | 5.8 |
| 2009-10-28 | CVE-2009-3641 | Denial Of Service vulnerability in Snort Snort before 2.8.5.1, when the -v option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted IPv6 packet that uses the (1) TCP or (2) ICMP protocol. network snort | 4.3 |
| 2008-05-22 | CVE-2008-1804 | Unspecified vulnerability in Snort preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment. network snort | 6.8 |
| 2007-02-20 | CVE-2006-5276 | Stack Buffer Overflow vulnerability in Snort/Sourcefire DCE/RPC Packet Reassembly Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic. | 10.0 |
| 2007-01-16 | CVE-2006-6931 | Denial of Service vulnerability in Snort Backtracking Algorithmic complexity vulnerability in Snort before 2.6.1, during predicate evaluation in rule matching for certain rules, allows remote attackers to cause a denial of service (CPU consumption and detection outage) via crafted network traffic, aka a "backtracking attack." | 5.0 |