Oisf Security Vulnerabilities (CVEs)
Track 29 security vulnerabilities affecting Oisf products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A stack overflow vulnerability in Suricata's Lua scripting engine allows attackers to cause denial of service or potentially execute arbitrary code by...
Nov 26, 2025A heap overflow vulnerability in Suricata's logging functionality can cause crashes when specific alert queue conditions are met. This affects Suricat...
Nov 26, 2025A stack overflow vulnerability in Suricata's SWF decompression feature can cause the IDS/IPS engine to crash when processing malicious SWF files. This...
Nov 26, 2025This vulnerability in Suricata allows an attacker to cause unbounded memory growth by sending specially crafted compressed HTTP data, potentially lead...
Nov 26, 2025A NULL pointer dereference vulnerability in Suricata's TLS subject alternative name parsing causes segmentation faults when processing malicious TLS c...
Oct 1, 2025CVE-2025-59147 is a detection bypass vulnerability in Suricata where crafted traffic with multiple SYN packets containing different sequence numbers w...
Oct 1, 2025A stack buffer overflow vulnerability in Suricata versions 8.0.0 allows attackers to potentially execute arbitrary code or cause denial of service. Th...
Oct 1, 2025A memory handling vulnerability in Suricata's HTTP/2 parser allows uncontrolled memory consumption when processing data on stream 0. This can lead to ...
Jul 22, 2025Suricata's decode_base64 keyword has insufficient memory allocation limits, allowing attackers to trigger excessive memory consumption up to 4GB per t...
Apr 10, 2025Suricata's default AF_PACKET defrag configuration causes packet truncation when reassembling fragmented packets, leading to incomplete network traffic...
Apr 10, 2025This vulnerability in Suricata allows attackers to evade detection by using TCP urgent data (out-of-band data) to make Suricata analyze network traffi...
Jan 6, 2025This vulnerability in Suricata allows an attacker to trigger a large buffer overflow via specially crafted TCP streams, potentially leading to denial ...
Jan 6, 2025This vulnerability in Suricata allows attackers to send specially crafted DNS messages with compressed resource names that can cause excessive resourc...
Jan 6, 2025This vulnerability in Suricata allows attackers to cause a denial-of-service by sending specially crafted network traffic that triggers a stack overfl...
Jan 6, 2025CVE-2024-45797 is a resource exhaustion vulnerability in LibHTP, a widely-used HTTP parser library. Attackers can send specially crafted HTTP requests...
Oct 16, 2024CVE-2024-47188 is a denial-of-service vulnerability in Suricata's thash implementation where missing random seed initialization allows attackers to pr...
Oct 16, 2024This vulnerability in Suricata allows an attacker to cause a denial of service by triggering an assertion failure when rules use datasets with the uni...
Oct 16, 2024CVE-2024-38534 is a denial-of-service vulnerability in Suricata where specially crafted Modbus traffic can cause unlimited resource accumulation withi...
Jul 11, 2024A memory allocation failure in Suricata's HTTP inspection module leads to a NULL pointer dereference and crash when the http.memcap limit is reached. ...
Jul 11, 2024This vulnerability in Suricata involves improper handling of IP fragmentation anomalies, which can cause the intrusion detection/prevention system to ...
May 7, 2024CVE-2024-32663 is a memory exhaustion vulnerability in Suricata's HTTP/2 parser where small amounts of HTTP/2 traffic can cause excessive memory consu...
May 7, 2024CVE-2024-28871 is a denial-of-service vulnerability in LibHTP's HTTP parser where malformed request traffic causes excessive CPU usage. This affects a...
Apr 4, 2024Suricata versions before 6.0.17 and 7.0.4 are vulnerable to a denial-of-service attack when processing excessively long SSH banners. Attackers can cau...
Apr 3, 2024CVE-2024-23839 is a heap use-after-free vulnerability in Suricata's HTTP header parsing. Attackers can cause memory corruption and potential code exec...
Feb 26, 2024CVE-2024-23836 is a resource exhaustion vulnerability in Suricata where attackers can craft malicious network traffic to cause excessive CPU and memor...
Feb 26, 2024This vulnerability allows an attacker who controls external Suricata rules to perform directory traversal attacks, potentially writing arbitrary files...
Jun 19, 2023This vulnerability allows an adversary who controls an external source of Lua rules to execute arbitrary Lua code in Suricata. It affects Suricata ins...
Jun 19, 2023This vulnerability allows attackers to bypass HTTP-based intrusion detection signatures in Suricata by sending a crafted RST TCP packet with random TC...
Dec 16, 2021This vulnerability allows attackers to evade Suricata's TCP traffic inspection by sending a crafted sequence of TCP segments from a malicious client. ...
Nov 19, 2021Why Monitor Oisf Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 29+ known vulnerabilities affecting Oisf products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Oisf packages in under 60 seconds. No agents required - completely agentless scanning that works across Oisf deployments.
Free vulnerability database: Access detailed information about every Oisf CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Oisf CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
