Vulnerabilities > Suricata IDS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-10 | CVE-2019-17420 | Improper Input Validation vulnerability in multiple products In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending. | 5.0 |
| 2019-09-24 | CVE-2019-16410 | Out-of-bounds Read vulnerability in Suricata-Ids Suricata 4.1.4 An issue was discovered in Suricata 4.1.4. | 6.4 |
| 2019-09-24 | CVE-2019-15699 | Out-of-bounds Read vulnerability in Suricata-Ids Suricata 4.1.4 An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. | 6.4 |
| 2019-08-28 | CVE-2019-10056 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Suricata-Ids Suricata 4.1.3/4.1.4 An issue was discovered in Suricata 4.1.3. | 5.0 |
| 2019-08-28 | CVE-2019-10054 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Suricata-Ids Suricata 4.1.3 An issue was discovered in Suricata 4.1.3. | 5.0 |
| 2019-08-28 | CVE-2019-10052 | Improper Enforcement of Message or Data Structure vulnerability in Suricata-Ids Suricata 4.1.3 An issue was discovered in Suricata 4.1.3. | 5.0 |
| 2019-08-28 | CVE-2019-10051 | Improper Check for Unusual or Exceptional Conditions vulnerability in Suricata-Ids Suricata 4.1.3/4.1.4 An issue was discovered in Suricata 4.1.3. | 5.0 |
| 2018-11-05 | CVE-2018-18956 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Suricata-Ids Suricata The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x before 4.0.6 allows remote attackers to cause a denial of service (segfault and daemon crash) via crafted input to the SMTP parser, as exploited in the wild in November 2018. | 5.0 |
| 2018-07-23 | CVE-2018-14568 | Unspecified vulnerability in Suricata-Ids Suricata Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a server. | 5.0 |
| 2018-07-23 | CVE-2016-10728 | Improper Input Validation vulnerability in Suricata-Ids Suricata An issue was discovered in Suricata before 3.1.2. | 5.0 |