Known Vulnerabilities for products from Oisf
Listed below are 10 of the newest known vulnerabilities associated with the vendor "Oisf".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-37592 | Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that can send a certai... | 9.8 - CRITICAL | 2021-11-19 | 2021-11-23 |
| CVE-2021-35063 | Suricata before 5.0.7 and 6.x before 6.0.3 has a "critical evasion." | 7.5 - HIGH | 2021-07-22 | 2023-11-07 |
| CVE-2020-19678 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-04-06 | 2023-04-18 |
| CVE-2019-1010279 | Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection b... | 7.5 - HIGH | 2019-07-18 | 2019-08-01 |
| CVE-2019-1010251 | Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass... | 7.5 - HIGH | 2019-07-18 | 2019-07-23 |
| CVE-2019-17420 | In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_he... | 5.3 - MEDIUM | 2019-10-10 | 2021-07-21 |
| CVE-2019-10050 | A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS... | 7.5 - HIGH | 2019-05-13 | 2019-10-24 |
| CVE-2018-1000167 | OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load-Function as... | 7.8 - HIGH | 2018-04-18 | 2018-05-22 |
| CVE-2018-10243 | htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-re... | 9.8 - CRITICAL | 2019-04-04 | 2019-04-08 |
| CVE-2015-0928 | libhtp 0.5.15 allows remote attackers to cause a denial of service (NULL pointer dereference). | 7.5 - HIGH | 2017-08-28 | 2020-03-05 |
Known software with vulnerabilities from Oisf
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Oisf | Libhtp | 0.1 |
| Application | Oisf | Suricata | 0.8.2 |
| Application | Oisf | Suricata-update | 1.0.0 |