Lucene search
+L

16 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:4 a.m.36 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-31346 DESCRIPTION: AMD SEV-SNP Firmware could allow a local authenticated...

9.1CVSS10AI score0.03288EPSS
Exploits5Affected Software1
CBLMariner
CBLMariner
added 2025/02/05 10:13 p.m.34 views

CVE-2022-38725 affecting package syslog-ng for versions less than 4.3.1-2

CVE-2022-38725 affecting package syslog-ng for versions less than 4.3.1-2. A patched version of the package is available...

7.5CVSS6.9AI score0.02383EPSS
Exploits0
CBLMariner
CBLMariner
added 2023/12/05 4:40 a.m.70 views

CVE-2022-38725 affecting package syslog-ng for versions less than 3.33.2-7

CVE-2022-38725 affecting package syslog-ng for versions less than 3.33.2-7. A patched version of the package is available...

7.5CVSS7.7AI score0.02383EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/05/03 12:0 a.m.24 views

GLSA-202305-09 : syslog-ng: Denial of Service

The remote host is affected by the vulnerability described in GLSA-202305-09 syslog-ng: Denial of Service - An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the...

7.5CVSS7.4AI score0.02383EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/03/06 12:0 a.m.18 views

Debian DSA-5369-1 : syslog-ng - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5369 advisory. - An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that i...

7.5CVSS7.4AI score0.02383EPSS
Exploits0References5
Debian
Debian
added 2023/03/05 7:25 p.m.40 views

[SECURITY] [DSA 5369-1] syslog-ng security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5369-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 05, 2023 https://www.debian.org/security/faq -...

7.5CVSS7.7AI score0.02383EPSS
Exploits0
Debian
Debian
added 2023/02/28 11:32 p.m.34 views

[SECURITY] [DLA 3348-1] syslog-ng security update

Debian LTS Advisory DLA-3348-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin March 01, 2023 https://wiki.debian.org/LTS Package : syslog-ng Version : 3.19.1-5+deb10u1 CVE ID : CVE-2022-38725 It was discovered that syslog-ng, a system logging daemon, had integer...

7.5CVSS7.2AI score0.02383EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/02/14 12:0 a.m.26 views

Fedora 37 : syslog-ng (2023-3d44a41fa3)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3d44a41fa3 advisory. Security fix for CVE-2022-38725 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

7.5CVSS7.4AI score0.02383EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/02/14 12:0 a.m.19 views

Fedora 36 : syslog-ng (2023-43eb573065)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-43eb573065 advisory. Security fix for CVE-2022-38725 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

7.5CVSS7.4AI score0.02383EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/02/14 12:0 a.m.21 views

SUSE SLES12 Security Update : syslog-ng (SUSE-SU-2023:0319-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0319-1 advisory. - CVE-2022-38725: Fixed an integer overflow in the RFC3164 protocol parser bsc1207460. Tenable has extracted the preceding description block...

7.5CVSS7.2AI score0.02383EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/02/10 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2023:0319-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02383EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2023/02/04 12:0 a.m.12 views

Security update for syslog-ng (moderate)

openSUSE Security Update: Security update for syslog-ng Announcement ID: openSUSE-SU-2023:0040-1 Rating: moderate References: 1207460 Cross-References: CVE-2022-38725 CVSS scores: CVE-2022-38725 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-38725 SUSE: 7.5...

7.5CVSS7AI score0.02383EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/01/23 4:15 p.m.56 views

CVE-2022-38725

An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...

7.5CVSS7.2AI score0.02383EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/01/23 12:0 a.m.8 views

CVE-2022-38725

An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...

7.8AI score0.02383EPSS
Exploits0References7
CVE
CVE
added 2023/01/23 12:0 a.m.103 views

CVE-2022-38725

The CVE-2022-38725 issue is an integer overflow in the RFC3164 parser of One Identity syslog-ng 3.0 through 3.37, leading to Denial of Service when processing crafted syslog input. Affected products also include syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0. Multiple connected s...

7.5CVSS7.4AI score0.02383EPSS
Exploits0References7Affected Software2
Cvelist
Cvelist
added 2023/01/23 12:0 a.m.44 views

CVE-2022-38725

An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...

7.8AI score0.02383EPSS
Exploits0References7
Rows per page
Query Builder