Snort\+\+
CVEs (23)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-40116 | Hig | 0.56 | 8.6 | 0.01 | Oct 27, 2021 | Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive… | ||
| CVE-2022-20685 | Hig | 0.49 | 7.5 | 0.01 | Nov 15, 2024 | A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An… | ||
| CVE-2021-1223 | Hig | 0.49 | 7.5 | 0.02 | Jan 13, 2021 | Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could… | ||
| CVE-2017-6657 | Hig | 0.49 | 7.5 | 0.01 | May 16, 2017 | Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. Since valid ether type and IP protocol numbers do not overlap, Snort++ stores all protocol decoders in a single array. That makes it possible to craft packets that have IP protocol numbers in the ether… | ||
| CVE-2021-1285 | Hig | 0.48 | 7.4 | 0.03 | Nov 18, 2024 | Multiple Cisco products are affected by a vulnerability in the Ethernet Frame Decoder of the Snort detection engine that could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper handling of error… | ||
| CVE-2021-40114 | Med | 0.44 | 6.8 | 0.02 | Oct 27, 2021 | Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper… | ||
| CVE-2025-20359 | Med | 0.42 | 6.5 | 0.00 | Oct 15, 2025 | Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the disclosure of possible sensitive data or cause the Snort 3 Detection Engine to crash. This vulnerability is due to an error in… | ||
| CVE-2025-20360 | Med | 0.38 | 5.8 | 0.00 | Oct 15, 2025 | Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulnerability is due to a lack of complete error checking when the MIME fields of… | ||
| CVE-2021-1494 | Med | 0.38 | 5.8 | 0.01 | Nov 15, 2024 | Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An… | ||
| CVE-2024-20342 | Med | 0.38 | 5.8 | 0.01 | Oct 23, 2024 | Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. This vulnerability is due to an incorrect connection… | ||
| CVE-2023-20246 | Med | 0.38 | 5.8 | 0.01 | Nov 1, 2023 | Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access… | ||
| CVE-2022-20943 | Med | 0.38 | 5.8 | 0.01 | Nov 15, 2022 | Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected… | ||
| CVE-2021-1495 | Med | 0.38 | 5.8 | 0.02 | Apr 29, 2021 | Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker… | ||
| CVE-2021-1224 | Med | 0.38 | 5.8 | 0.02 | Jan 13, 2021 | Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect… | ||
| CVE-2020-3299 | Med | 0.38 | 5.8 | 0.02 | Oct 21, 2020 | Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked… | ||
| CVE-2021-1236 | Med | 0.35 | 5.3 | 0.02 | Jan 13, 2021 | Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An… | ||
| CVE-2020-3315 | Med | 0.35 | 5.3 | 0.02 | May 6, 2020 | Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles… | ||
| CVE-2026-20068 | 0.00 | — | 0.00 | Mar 4, 2026 | Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to… | |||
| CVE-2026-20067 | 0.00 | — | 0.00 | Mar 4, 2026 | Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to… | |||
| CVE-2026-20058 | 0.00 | — | 0.00 | Mar 4, 2026 | Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. These vulnerabilities are due to improper error checking when decompressing VBA data. An… |
- risk 0.56cvss 8.6epss 0.01
Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive…
- risk 0.49cvss 7.5epss 0.01
A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An…
- risk 0.49cvss 7.5epss 0.02
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could…
- risk 0.49cvss 7.5epss 0.01
Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. Since valid ether type and IP protocol numbers do not overlap, Snort++ stores all protocol decoders in a single array. That makes it possible to craft packets that have IP protocol numbers in the ether…
- risk 0.48cvss 7.4epss 0.03
Multiple Cisco products are affected by a vulnerability in the Ethernet Frame Decoder of the Snort detection engine that could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper handling of error…
- risk 0.44cvss 6.8epss 0.02
Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper…
- risk 0.42cvss 6.5epss 0.00
Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the disclosure of possible sensitive data or cause the Snort 3 Detection Engine to crash. This vulnerability is due to an error in…
- risk 0.38cvss 5.8epss 0.00
Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulnerability is due to a lack of complete error checking when the MIME fields of…
- risk 0.38cvss 5.8epss 0.01
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An…
- risk 0.38cvss 5.8epss 0.01
Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. This vulnerability is due to an incorrect connection…
- risk 0.38cvss 5.8epss 0.01
Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access…
- risk 0.38cvss 5.8epss 0.01
Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected…
- risk 0.38cvss 5.8epss 0.02
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker…
- risk 0.38cvss 5.8epss 0.02
Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect…
- risk 0.38cvss 5.8epss 0.02
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked…
- risk 0.35cvss 5.3epss 0.02
Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An…
- risk 0.35cvss 5.3epss 0.02
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles…
- CVE-2026-20068Mar 4, 2026risk 0.00cvss —epss 0.00
Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to…
- CVE-2026-20067Mar 4, 2026risk 0.00cvss —epss 0.00
Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to…
- CVE-2026-20058Mar 4, 2026risk 0.00cvss —epss 0.00
Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. These vulnerabilities are due to improper error checking when decompressing VBA data. An…
Page 1 of 2