Every CVE whose affected-product data names Sourcefire Snort, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2003-0209 — CVSS 10.0 (critical): Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code…
CVE-2004-2652 — CVSS 7.8 (high): The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows…
CVE-2005-3252 — CVSS 7.5 (high): Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code…
CVE-2006-0839 — CVSS 5.0 (medium): The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows…
CVE-2006-2769 — CVSS 5.0 (medium): The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a…