Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1662 matches found

OpenVAS
OpenVASadded 2024/03/04 12:0 a.m.15 views

openSUSE: Security Advisory for syslog (openSUSE-SU-2023:0040-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02403EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2024/02/29 12:0 a.m.26 views

CentOS 9 : rsyslog-8.2102.0-111.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the rsyslog-8.2102.0-111.el9 build changelog. - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted...

8.1CVSS7.5AI score0.03553EPSS
Exploits0References2
OSV
OSVadded 2024/02/13 7:15 p.m.5 views

CVE-2024-1354

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the syslog-ng configuration file. Exploitation of this vulnerability required access to the GitHub...

8CVSS5.8AI score0.0172EPSS
Exploits0References4
Prion
Prionadded 2024/02/13 7:15 p.m.27 views

Command injection

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the syslog-ng configuration file. Exploitation of this vulnerability required access to the GitHub...

4.3CVSS7.7AI score0.0172EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2024/02/13 6:50 p.m.19 views

CVE-2024-1354 Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement Console

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the syslog-ng configuration file. Exploitation of this vulnerability required access to the GitHub...

8CVSS8.4AI score0.0172EPSS
Exploits0References4
CVE
CVEadded 2024/02/13 6:50 p.m.106 views

CVE-2024-1354

CVE-2024-1354 describes a command-injection vulnerability in GitHub Enterprise Server where an attacker with editor privileges in the Management Console could escalate to admin SSH access via the syslog-ng configuration. The issue requires access to the GitHub Enterprise Server instance and Manag...

8CVSS8.1AI score0.0172EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologiesadded 2024/02/13 12:0 a.m.5 views

PT-2024-17967 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.12 Description: A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the...

8CVSS10AI score0.0172EPSS
Exploits0References8
Mageia
Mageiaadded 2024/02/04 2:49 a.m.61 views

Updated glibc packages fix security vulnerabilities

The updated packages fix security vulnerabilities: A heap-based buffer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argumen...

8.4CVSS7.4AI score0.04794EPSS
Exploits9References3
Ubuntu
Ubuntuadded 2024/02/01 12:41 p.m.46 views

USN-6620-1: GNU C Library vulnerabilities

It was discovered that the GNU C Library incorrectly handled the syslog function call. A local attacker could use this issue to execute arbitrary code and possibly escalate privileges...

8.4CVSS7.1AI score0.04794EPSS
Exploits9
Tenable Nessus
Tenable Nessusadded 2024/02/01 12:0 a.m.32 views

Ubuntu 23.10 : GNU C Library vulnerabilities (USN-6620-1)

The remote Ubuntu 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6620-1 advisory. It was discovered that the GNU C Library incorrectly handled the syslog function call. A local attacker could use this issue to execute arbitrary code and...

8.4CVSS7.7AI score0.04794EPSS
Exploits9References4
ATTACKERKB
ATTACKERKBadded 2024/01/31 2:15 p.m.0 views

CVE-2023-6246

A heap-based buffer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name the basename of...

8.4CVSS6AI score0.04794EPSS
Exploits7References13
ATTACKERKB
ATTACKERKBadded 2024/01/31 2:15 p.m.1 views

CVE-2023-6780

An integer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message,...

8.4CVSS6AI score0.04794EPSS
Exploits8References10
OSV
OSVadded 2024/01/31 2:15 p.m.2 views

DEBIAN-CVE-2023-6780

An integer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message,...

5.3CVSS6.8AI score0.02689EPSS
Exploits2References1
OSV
OSVadded 2024/01/31 2:15 p.m.6 views

AZL-34735 CVE-2023-6246 affecting package glibc for versions less than 2.38-6

A heap-based buffer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name the basename of...

7.8CVSS6.9AI score0.04794EPSS
Exploits7References1
OSV
OSVadded 2024/01/31 2:15 p.m.1 views

DEBIAN-CVE-2023-6779

An off-by-one heap-based buffer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INTMAX bytes, leading to an incorrect calculation of t...

7.5CVSS8.1AI score0.03127EPSS
Exploits2References1
NVD
NVDadded 2024/01/31 2:15 p.m.16 views

CVE-2023-6780

An integer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message,...

5.3CVSS6.8AI score0.02689EPSS
Exploits2References11
OSV
OSVadded 2024/01/31 2:15 p.m.38 views

CVE-2023-6779

An off-by-one heap-based buffer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INTMAX bytes, leading to an incorrect calculation of t...

7.5CVSS7.8AI score0.04794EPSS
Exploits8References10
NVD
NVDadded 2024/01/31 2:15 p.m.53 views

CVE-2023-6246

A heap-based buffer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name the basename of...

8.4CVSS8.4AI score0.04794EPSS
Exploits7References13
OSV
OSVadded 2024/01/31 2:15 p.m.36 views

CVE-2023-6780

An integer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message,...

5.3CVSS7.8AI score0.04794EPSS
Exploits8References10
OSV
OSVadded 2024/01/31 2:15 p.m.35 views

CVE-2023-6246

A heap-based buffer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name the basename of...

7.8CVSS7.7AI score0.04794EPSS
Exploits7References12
Rows per page
Query Builder