Vulnerabilities > Suricata IDS

DATE CVE VULNERABILITY TITLE RISK
2018-11-05 CVE-2018-18956 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Suricata-Ids Suricata
The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x before 4.0.6 allows remote attackers to cause a denial of service (segfault and daemon crash) via crafted input to the SMTP parser, as exploited in the wild in November 2018.
network
low complexity
suricata-ids CWE-119
7.5
2018-07-23 CVE-2018-14568 Unspecified vulnerability in Suricata-Ids Suricata
Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a server.
network
low complexity
suricata-ids
7.5
2018-07-23 CVE-2016-10728 Improper Input Validation vulnerability in Suricata-Ids Suricata
An issue was discovered in Suricata before 3.1.2.
network
low complexity
suricata-ids CWE-20
5.3
2018-02-07 CVE-2018-6794 Protection Mechanism Failure vulnerability in multiple products
Suricata before 4.0.4 is prone to an HTTP detection bypass vulnerability in detect.c and stream-tcp.c.
network
low complexity
suricata-ids debian CWE-693
5.3