Astra Linux - уязвимость в syslog-ng

An integer overflow in the RFC3164 parser in One Identity syslog-ng versions 3.0 through 3.37 allows remote attackers to cause a Denial of Service by manipulating crafted syslog inputs, which are mishandled by the TCP or network functions. Syslog-ng Premium Edition 7.0.30 and Syslog-ng Store Box...

Astra Linux - уязвимость в syslog-ng

syslog-ng is an enhanced logging daemon. Prior to version 4.8.2, the tlswildcardmatch function matched against certificates like foo..bar, although this is not allowed. It is also possible to pass partial wildcards, such as foo.ac.bar, which glib logs match, but this should be avoided/disabled...

SolarWinds Kiwi Syslog NG < 1.3.1 Sensitive Information Disclosure (CVE-2024-45718)

According to its self-reported version, the SolarWinds Kiwi Syslog NG installation on the remote host is version 1.3 or earlier. It is, therefore, affected by a cleartext storage of sensitive information vulnerability. Sensitive data could be exposed to non-privileged users in a configuration fil...

Siemens SCALANCE and RUGGEDCOM Improper Certificate Validation (CVE-2024-47619)

syslog-ng is an enhanced log daemo. Prior to version 4.8.2, tlswildcardmatch matches on certificates such as foo..bar although that is not allowed. It is also possible to pass partial wildcards such as foo.ac.bar which glib matches but should be avoided / invalidated. This issue could have an...

EUVD-2020-28932

Malware in sbrugna...

EUVD-2007-6403

Malware in sbrugna...

EUVD-2011-0369

Malware in sbrugna...

EUVD-2002-1184

Malware in sbrugna...

EUVD-2011-1945

Malware in sbrugna...

EUVD-2021-21248

Malware in sbrugna...

EUVD-2008-5089

Malware in sbrugna...

EUVD-2022-41292

Malicious code in bioql PyPI...

EUVD-2022-39761

Malicious code in bioql PyPI...

EUVD-2024-17111

Malicious code in bioql PyPI...

EUVD-2024-54457

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-47619

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - syslog-ng is an enhanced log daemo. Prior to version 4.8.2, tlswildcardmatch matches on certificates such as foo..bar although that is not allowed. It is also...

Linux Distros Unpatched Vulnerability : CVE-2022-38725

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog inp...

Debian: Security Advisory (DLA-4182-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 4182-1] syslog-ng security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4182-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA May 28, 2025 https://wiki.debian.org/LTS -...

DLA-4182-1 syslog-ng - security update

Bulletin has no description...