Known Vulnerabilities for products from Suricata-ids

Listed below are 18 of the newest known vulnerabilities associated with the vendor "Suricata-ids".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-59674 json Not Provided 2026-07-14 2026-07-15
CVE-2025-34178 json Not Provided 2025-09-09 2026-07-14
CVE-2025-34177 json Not Provided 2025-09-09 2026-07-14
CVE-2025-34176 json Not Provided 2025-09-09 2026-07-14
CVE-2025-34175 json Not Provided 2025-09-09 2026-07-14
CVE-2019-18792 json An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature by overlapping a TCP segmen... 9.1 - CRITICAL 2020-01-06 2021-07-21
CVE-2019-18625 json An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP ses... 7.5 - HIGH 2020-01-06 2023-02-01
CVE-2019-17420 json In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_he... 5.3 - MEDIUM 2019-10-10 2021-07-21
CVE-2019-16411 json An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 packets that have invalid IPv4Options, the function IPV4O... 9.8 - CRITICAL 2019-09-24 2019-10-02
CVE-2019-16410 json An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in def... 9.1 - CRITICAL 2019-09-24 2019-10-18
CVE-2019-15699 json An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon receiving a corrupted SSLv3 (TLS 1.2) packet, the parser f... 9.1 - CRITICAL 2019-09-24 2019-09-25
CVE-2019-10056 json An issue was discovered in Suricata 4.1.3. The code mishandles the case of sending a network packet with the right type, such... 7.5 - HIGH 2019-08-28 2021-07-21
CVE-2019-10055 json An issue was discovered in Suricata 4.1.3. The function ftp_pasv_response lacks a check for the length of part1 and part2, le... 7.5 - HIGH 2019-08-28 2021-07-21
CVE-2019-10054 json An issue was discovered in Suricata 4.1.3. The function process_reply_record_v3 lacks a check for the length of reply.data. I... 7.5 - HIGH 2019-08-28 2021-07-21
CVE-2019-10053 json An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n ... 9.8 - CRITICAL 2019-05-13 2021-07-21
CVE-2019-10052 json An issue was discovered in Suricata 4.1.3. If the network packet does not have the right length, the parser tries to access a... 7.5 - HIGH 2019-08-28 2019-09-04
CVE-2019-10051 json An issue was discovered in Suricata 4.1.3. If the function filetracker_newchunk encounters an unsafe "Some(sfcm) => { ft.new_... 7.5 - HIGH 2019-08-28 2019-09-05
CVE-2018-18956 json The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x before 4.0.6 allows remote attackers to cause a denial o... 7.5 - HIGH 2018-11-05 2020-08-24
CVE-2018-14568 json Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a server. This allows detection bypass because Windows ... 7.5 - HIGH 2018-07-23 2019-10-03
CVE-2018-10244 json Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can cause the parsing code to r... 9.8 - CRITICAL 2019-04-04 2019-04-07

Known software with vulnerabilities from Suricata-ids

Type Vendor Product Version
ApplicationSuricata-idsSuricata0.8.2
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report