EUVD-2007-3864

Malware in sbrugna...

GLSA-202305-09 : syslog-ng: Denial of Service

The remote host is affected by the vulnerability described in GLSA-202305-09 syslog-ng: Denial of Service - An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the...

SUSE CVE-2022-39046

An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...

CVE-2022-38725

An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...

CVE-2021-38703

Wireless devices running certain Arcadyan-derived firmware such as KPN Experia WiFi 1.00.15 do not properly sanitise user input to the syslog configuration form. An authenticated remote attacker could leverage this to alter the device configuration and achieve remote code execution. This can be...

PT-2021-22264 · Arcadyan · Arcadyan-Derived Firmware

Name of the Vulnerable Software and Affected Versions: Arcadyan-derived firmware versions affected versions not specified Description: The issue concerns improper sanitization of user input to the syslog configuration form in certain wireless devices running Arcadyan-derived firmware. This can be...