Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

OISF — Vulnerabilities & Security Advisories 55

Browse all 55 CVE security advisories affecting OISF. AI-powered Chinese analysis, POCs, and references for each vulnerability.

The Open Information Security Foundation (OISF) develops and maintains Suricata, an open-source network intrusion detection and prevention system widely deployed for real-time traffic analysis. With fifty-five recorded Common Vulnerabilities and Exposures, the organization’s software has historically been susceptible to remote code execution, buffer overflow, and denial-of-service flaws, often stemming from complex packet parsing logic. These vulnerabilities occasionally allow attackers to crash the service or execute arbitrary commands on affected hosts. While no catastrophic data breaches directly attributed to OISF have been publicly documented, the high volume of CVEs highlights the inherent risks in maintaining large-scale, C-based security infrastructure. The foundation addresses these issues through regular updates and community-driven patching, emphasizing transparency in its security response process.

Top products by OISF: suricata libhtp
CVE IDTitleCVSSSeverityPublished
CVE-2024-55629 Suricata generic detection bypass using TCP urgent support — suricataCWE-437 7.5 High2025-01-06
CVE-2024-55628 Suricata oversized resource names utilizing DNS name compression can lead to resource starvation — suricataCWE-405 7.5 High2025-01-06
CVE-2024-55627 Suricata segfault on StreamingBufferSlideToOffsetWithRegions — suricataCWE-191 5.9 Medium2025-01-06
CVE-2024-55626 Suricata oversized bpf file can lead to buffer overflow — suricataCWE-680 3.3 Low2025-01-06
CVE-2024-55605 Suricata allows stack overflow in transforms — suricataCWE-400 7.5 High2025-01-06
CVE-2024-47522 Suricata ja4: invalid alpn leads to panic — suricataCWE-617 7.5 High2024-10-16
CVE-2024-47188 Suricata http/byte-ranges: missing hashtable random seed leads to potential DoS — suricataCWE-330 7.5 High2024-10-16
CVE-2024-47187 Suricata datasets: missing hashtable random seed leads to potential DoS — suricataCWE-330 7.5 High2024-10-16
CVE-2024-45797 LibHTP's unbounded header handling leads to denial service — libhtpCWE-770 7.5 High2024-10-16
CVE-2024-45796 Suricata defrag: off by one can lead to policy bypass — suricataCWE-193 5.3 Medium2024-10-16
CVE-2024-45795 Suricata detect/datasets: reachable assertion with unimplemented rule option — suricataCWE-617 7.5 High2024-10-16
CVE-2024-38536 Suricata http/range: NULL-ptr deref when http.memcap is reached — suricataCWE-476 7.5 High2024-07-11
CVE-2024-38535 Suricata http2: oom from duplicate headers — suricataCWE-770 7.5 High2024-07-11
CVE-2024-38534 Suricata modbus: txs without responses are never freed — suricataCWE-770 7.5 High2024-07-11
CVE-2024-37151 Suricata defrag: IP ID reuse can lead to policy bypass — suricataCWE-754 5.3 Medium2024-07-11
CVE-2024-32867 Suricata's defrag contains various issues leading to policy bypass — suricataCWE-754 5.3 Medium2024-05-07
CVE-2024-32664 Suricata's base64 contains an out of bounds write — suricataCWE-122 5.3 Medium2024-05-07
CVE-2024-32663 Suricata 's http2 parser contains an improper compressed header handling can lead to resource starvation — suricataCWE-400 7.5 High2024-05-07
CVE-2024-28871 Excessive CPU used on malformed traffic — libhtpCWE-770 7.5 High2024-04-04
CVE-2024-28870 Suricata uses excessive resource use in malformed ssh traffic parsing — suricataCWE-770 7.5 High2024-04-03
CVE-2024-23837 LibHTP unbounded folded header handling leads to denial service — libhtpCWE-770 7.5 High2024-02-26
CVE-2024-24568 Suricata http2: header handling evasion — suricataCWE-284 5.3 Medium2024-02-26
CVE-2024-23839 Suricata http: heap use after free with http.request_header and http.response_header keywords — suricataCWE-416 7.1 High2024-02-26
CVE-2024-23836 crafted traffic can cause denial of service — suricataCWE-770 7.5 High2024-02-26
CVE-2024-23835 Suricata's pgsql: memory exhaustion use on record parsing — suricataCWE-400 7.5 High2024-02-26

This page lists every published CVE security advisory associated with OISF. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.