16 matches found
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-31346 DESCRIPTION: AMD SEV-SNP Firmware could allow a local authenticated...
CVE-2022-38725 affecting package syslog-ng for versions less than 4.3.1-2
CVE-2022-38725 affecting package syslog-ng for versions less than 4.3.1-2. A patched version of the package is available...
CVE-2022-38725 affecting package syslog-ng for versions less than 3.33.2-7
CVE-2022-38725 affecting package syslog-ng for versions less than 3.33.2-7. A patched version of the package is available...
GLSA-202305-09 : syslog-ng: Denial of Service
The remote host is affected by the vulnerability described in GLSA-202305-09 syslog-ng: Denial of Service - An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the...
Debian DSA-5369-1 : syslog-ng - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5369 advisory. - An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that i...
[SECURITY] [DSA 5369-1] syslog-ng security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5369-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 05, 2023 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3348-1] syslog-ng security update
Debian LTS Advisory DLA-3348-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin March 01, 2023 https://wiki.debian.org/LTS Package : syslog-ng Version : 3.19.1-5+deb10u1 CVE ID : CVE-2022-38725 It was discovered that syslog-ng, a system logging daemon, had integer...
Fedora 37 : syslog-ng (2023-3d44a41fa3)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3d44a41fa3 advisory. Security fix for CVE-2022-38725 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
Fedora 36 : syslog-ng (2023-43eb573065)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-43eb573065 advisory. Security fix for CVE-2022-38725 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
SUSE SLES12 Security Update : syslog-ng (SUSE-SU-2023:0319-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0319-1 advisory. - CVE-2022-38725: Fixed an integer overflow in the RFC3164 protocol parser bsc1207460. Tenable has extracted the preceding description block...
SUSE: Security Advisory (SUSE-SU-2023:0319-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for syslog-ng (moderate)
openSUSE Security Update: Security update for syslog-ng Announcement ID: openSUSE-SU-2023:0040-1 Rating: moderate References: 1207460 Cross-References: CVE-2022-38725 CVSS scores: CVE-2022-38725 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-38725 SUSE: 7.5...
CVE-2022-38725
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...
CVE-2022-38725
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...
CVE-2022-38725
The CVE-2022-38725 issue is an integer overflow in the RFC3164 parser of One Identity syslog-ng 3.0 through 3.37, leading to Denial of Service when processing crafted syslog input. Affected products also include syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0. Multiple connected s...
CVE-2022-38725
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...