CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в syslog-ng

An integer overflow in the RFC3164 parser in One Identity syslog-ng versions 3.0 through 3.37 allows remote attackers to cause a Denial of Service by manipulating crafted syslog inputs, which are mishandled by the TCP or network functions. Syslog-ng Premium Edition 7.0.30 and Syslog-ng Store Box...

7.5CVSS7.2AI score0.04916EPSS

Exploits0References2

Fedora•added 2025/05/17 2:2 a.m.•8 views

[SECURITY] Fedora 42 Update: syslog-ng-4.8.2-1.fc42

syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, message queues, databases SQL and NoSQL alike and more. Key features: receive and send RFC3164 and RFC5424 style syslog messages work with any kind of unstructured data receive and...

7.5CVSS7.7AI score0.00507EPSS

Exploits1

Fedora•added 2025/05/17 1:43 a.m.•10 views

[SECURITY] Fedora 41 Update: syslog-ng-4.8.2-1.fc41

7.5CVSS7.7AI score0.00507EPSS

Exploits1

Redos•added 2024/04/08 12:0 a.m.•20 views

ROS-20240408-05

RFC3164 analyzer vulnerability of Syslog-ng log processing utility is related to integer overflow. overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service denial of service...

7.5CVSS7AI score0.04916EPSS

Exploits0

Broadcom•added 2023/06/13 12:0 a.m.•33 views

An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service

An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...

7.5CVSS7.5AI score0.04916EPSS

Exploits0

Gentoo Linux•added 2023/05/03 12:0 a.m.•20 views

syslog-ng: Denial of Service

Background syslog replacement with advanced filtering features. Description An integer overflow in the RFC3164 parser allows remote attackers to cause a denial of service via crafted syslog input that is mishandled by the tcp or network function. Impact Attackers with access to input syslogs over...

7.5CVSS6.9AI score0.04916EPSS

Exploits0

Veracode•added 2023/03/12 2:5 p.m.•24 views

Denial Of Service (DoS)

syslog-ng is vulnerable to Denial Of Service DoS. The vulnerability exists due to the integer overflow in the RFC3164 parser in the library, which allows an attacker to cause an application crash through the syslog input that is mishandled by the TCP or network function...

7.5CVSS7.4AI score0.04916EPSS

Exploits0References10Affected Software1

OpenVAS•added 2023/03/08 12:0 a.m.•14 views

Debian: Security Advisory (DSA-5369-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.04916EPSS

Exploits0References4

Debian•added 2023/03/05 7:25 p.m.•33 views

[SECURITY] [DSA 5369-1] syslog-ng security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5369-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 05, 2023 https://www.debian.org/security/faq -...

7.5CVSS7.7AI score0.04916EPSS

Exploits0

Tenable Nessus•added 2023/02/14 12:0 a.m.•18 views

Fedora 36 : syslog-ng (2023-43eb573065)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-43eb573065 advisory. Security fix for CVE-2022-38725 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

7.5CVSS7.4AI score0.04916EPSS

Exploits0References2

Microsoft CVE•added 2023/02/04 8:0 a.m.•1 views

...

7.5CVSS7.5AI score0.04916EPSS

Exploits0

OSV•added 2023/01/23 4:15 p.m.•3 views

AZL-13205 CVE-2022-38725 affecting package syslog-ng for versions less than 3.33.2-7

7.5CVSS7.2AI score0.04916EPSS

Exploits0References1

OSV•added 2023/01/23 4:15 p.m.•1 views

ALPINE-CVE-2022-38725

7.5CVSS7.2AI score0.04916EPSS

Exploits0References1

OSV•added 2023/01/23 4:15 p.m.•1 views

AZL-35289 CVE-2022-38725 affecting package syslog-ng for versions less than 4.3.1-2

7.5CVSS7.2AI score0.04916EPSS

Exploits0References1

UbuntuCve•added 2023/01/23 4:15 p.m.•50 views

CVE-2022-38725

7.5CVSS7.2AI score0.04916EPSS

Exploits0References3

OSV•added 2023/01/23 4:15 p.m.•1 views

UBUNTU-CVE-2022-38725

7.5CVSS7.2AI score0.04916EPSS

Exploits0References4

CVE•added 2023/01/23 12:0 a.m.•84 views

CVE-2022-38725

The CVE-2022-38725 issue is an integer overflow in the RFC3164 parser of One Identity syslog-ng 3.0 through 3.37, leading to Denial of Service when processing crafted syslog input. Affected products also include syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0. Multiple connected s...

7.5CVSS7.4AI score0.04916EPSS

Exploits0References7Affected Software2

AlpineLinux•added 2023/01/23 12:0 a.m.•16 views

CVE-2022-38725

7.5CVSS7.7AI score0.04916EPSS

Exploits0

Metasploit•added 2011/09/02 3:55 p.m.•48 views

rsyslog Long Tag Off-By-Two DoS

This module triggers an off-by-two overflow in the rsyslog daemon. This flaw is unlikely to yield code execution but is effective at shutting down a remote log daemon. This bug was introduced in version 4.6.0 and corrected in 4.6.8/5.8.5. Compiler differences may prevent this bug from causing any...

5CVSS0.6AI score0.63906EPSS

Exploits2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by