54 matches found
SUSE CVE-2011-1488
A memory leak in rsyslog before 5.7.6 was found in the way the daemon processed log messages when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of service of the rsyslogd daemon by crashing the service via a sequence of repeated log messages sent...
[SECURITY] Fedora 37 Update: syslog-ng-3.37.1-2.fc37
syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, message queues, databases (SQL and NoSQL alike) and more. Key features: receive and send RFC3164 and RFC5424 style syslog messages; work with any kind of unstructured data; receive and...
Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2022-2145)
The remote host is missing an update for the Huawei EulerOS...
The vulnerability of the Red Database database management system lies in the concealment of information that is crucial for security purposes. This allows attackers to hide the origin or nature of their attacks.
The vulnerability of the Red Database management system is related to an error in the processing of binary audit logs in the database adapter. Exploiting this vulnerability allows a malicious actor to conceal the origin or nature of an attack by creating entries for audit logs in such a way that...
CVE-2022-24903
CVE-2022-24903 affects rsyslog TCP syslog reception modules, where a heap-based overflow can occur when octet-counted framing is enabled. The root cause is that, while parsing the octet count, digits are written to a heap buffer even if the count exceeds the maximum, allowing memory overrun; once t...
Fluent Bit Resource Management Error Vulnerability
Fluent Bit is an open source log processing and analysis system written in C. A security vulnerability exists in Fluent Bit versions 1.7.0 through 1.7.4, which stems from a double-free in "flb_free". No details of the vulnerability are available at this time...
CVE-2020-20245
MikroTik RouterOS stable 6.46.3 suffers from a memory corruption vulnerability in the log process. An authenticated remote attacker can cause a Denial of Service due to improper memory access...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Fluent Bit Code Issue Vulnerability
Fluent Bit is an open source log processing and analysis system written in C. A code issue vulnerability exists in Fluent Bit that arises from improper design or implementation during code development of a networked system or product. No vulnerability details are provided at this time...
Fluent Bit Buffer Overflow Vulnerability
Fluent Bit is an open source log processing and analysis system written in C. A buffer overflow vulnerability exists in Fluent Bit version 1.6.4, which stems from the fact that flb_gzip_compress in flb_gzip.c has an out-of-bounds write operation because it fails to use the correct calculation of the...
The vulnerability of the system log processing mechanism of the Cisco Identity Services Engine (ISE) platform allows a perpetrator to trigger a service failure.
The vulnerability of the system log processing mechanism of the Cisco Identity Services Engine (ISE) management platform is caused by synchronization errors when using a shared resource. Exploiting this vulnerability can allow a malicious actor to cause service failures...
CVE-2019-20496
cPanel before 82.0.18 allows attackers to conduct arbitrary chown operations as root during log processing (SEC-532)...
Code injection
cPanel before 82.0.18 allows attackers to conduct arbitrary chown operations as root during log processing (SEC-532)...
CVE-2019-20496
Summary: CVE-2019-20496 affects cPanel prior to 82.0.18, where log processing can trigger arbitrary chown operations as root. Affected software: cPanel (prior to 82.0.18). Root cause / impact: An unauthorized chown operation is possible during log processing, granting root-level ownership changes...
Moderate: Red Hat Bug Fix Advisory: rsyslog bug fix update
Updated rsyslog packages that fix one bug are now available for Red Hat Virtualization 4.3. Rsyslog, the rocket-fast system for log processing, is an open-source software utility used for forwarding log messages in an IP network...
CVE-2017-18423
In cPanel before 66.0.2, domain log files become readable after log processing (SEC-273)...
CVE-2017-18428
In cPanel before 66.0.2, Apache HTTP Server domlogs become temporarily world-readable during log processing (SEC-290)...