1636 matches found

Tenable Nessus
added 2025/05/14 12:0 a.m., 5 views

Photon OS 5.0: Syslog PHSA-2025-5.0-0521

An update of the syslog package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0521. The text itself is copyright (C) VMware, Inc...

CVSS: 7.5, AI score: 7.6, EPSS: 0.00507
Exploits: 1, References: 2
Tenable Nessus
added 2025/05/14 12:0 a.m., 6 views

Alibaba Cloud Linux 3 : 0137: rsyslog (ALINUX3-SA-2022:0137)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0137 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-24903: Rsyslog is a rocket-fast system for...

CVSS: 8.1, AI score: 7.5, EPSS: 0.00509
Exploits: 0, References: 2
RedHat Linux
added 2025/05/13 8:42 a.m., 4 views

php: PHP-FPM Log Manipulation Vulnerability

A flaw was found in PHP-FPM, the FastCGI Process Manager. This vulnerability can allow an attacker to manipulate or remove up to 4 characters from log messages via crafted log content, potentially polluting or altering the final log. If PHP-FPM is configured to use syslog output, further log data...

CVSS: 3.3, AI score: 5.6, EPSS: 0.00667
Exploits: 1, References: 5
Photon
added 2025/05/13 12:0 a.m., 10 views

Critical Photon OS Security Update - PHSA-2025-5.0-0521

Updates of 'linux-esx', 'syslog-ng', 'linux' packages of Photon OS have been released...

CVSS: 9.8, AI score: 6.9, EPSS: 0.00507
Exploits: 2
RedhatCVE
added 2025/05/09 6:8 p.m., 3 views

CVE-2025-20194

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this...

CVSS: 5.4, AI score: 7.1, EPSS: 0.00308
Exploits: 0, References: 1
SUSE CVE
added 2025/05/09 3:46 a.m., 1 views

SUSE CVE-2024-47619

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

CVSS: 7.5, AI score: 6.7, EPSS: 0.00507
Exploits: 1, References: 3
Rockylinux
added 2025/05/07 7:11 p.m., 7 views

rsyslog bug fix update

An update is available for rsyslog. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It...

AI score: 7.3
Exploits: 0
ATTACKERKB
added 2025/05/07 6:15 p.m., 1 views

CVE-2025-20194

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this...

CVSS: 5.4, AI score: 6.7, EPSS: 0.00308
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2025/05/07 5:48 p.m., 6 views

CVE-2025-20194

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this...

CVSS: 5.4, EPSS: 0.00308
Exploits: 0, References: 1
CVE
added 2025/05/07 5:48 p.m., 67 views

CVE-2025-20194

Cisco IOS XE Software Web-Based Management Interface vulnerability (CVE-2025-20194) affects Cisco IOS XE: an authenticated, low-privileged, remote attacker can exploit insufficient input validation in the web UI to perform an injection attack. Consequences described include reading limited files ...

CVSS: 5.4, AI score: 5.5, EPSS: 0.00308
Exploits: 0, References: 1, Affected Software: 1
NVD
added 2025/05/07 4:15 p.m., 12 views

CVE-2024-47619

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

CVSS: 7.5, EPSS: 0.00507
Exploits: 1, References: 5
OSV
added 2025/05/07 4:15 p.m., 1 views

DEBIAN-CVE-2024-47619

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

CVSS: 7.5, AI score: 7.3, EPSS: 0.00507
Exploits: 1, References: 1
OSV
added 2025/05/07 4:15 p.m., 1 views

AZL-61729 CVE-2024-47619 affecting package syslog-ng for versions less than 4.3.1-3

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00507
Exploits: 1, References: 1
OSV
added 2025/05/07 4:15 p.m., 0 views

AZL-61731 CVE-2024-47619 affecting package syslog-ng for versions less than 3.33.2-8

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00507
Exploits: 1, References: 1
OSV
added 2025/05/07 4:15 p.m., 0 views

UBUNTU-CVE-2024-47619

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00507
Exploits: 1, References: 7
CVE
added 2025/05/07 3:12 p.m., 72 views

CVE-2024-47619

CVE-2024-47619 — syslog-ng TLS wildcard bug. Affected product: syslog-ng (log daemon). Prior to version 4.8.2, the tls_wildcard_match() function can erroneously match on certificates like foo.*.bar and accept partial wildcards such as foo.a*c.bar, which glib matches but should be considered invalid...

CVSS: 7.5, AI score: 7.2, EPSS: 0.00507
Exploits: 1, References: 5, Affected Software: 1
AlpineLinux
added 2025/05/07 3:12 p.m., 8 views

CVE-2024-47619

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

CVSS: 7.5, AI score: 7.3, EPSS: 0.00507
Exploits: 1, References: 5
Cvelist
added 2025/05/07 3:12 p.m., 9 views

CVE-2024-47619 transport: TLS host name wildcard matching too lax

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

CVSS: 7.5, EPSS: 0.00507
Exploits: 1, References: 4
Debian CVE
added 2025/05/07 3:12 p.m., 10 views

CVE-2024-47619

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

CVSS: 7.5, AI score: 7.3, EPSS: 0.00507
Exploits: 1
OSV
added 2025/05/07 3:12 p.m., 6 views

CVE-2024-47619 transport: TLS host name wildcard matching too lax

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

CVSS: 7.5, AI score: 7.2, EPSS: 0.00507
Exploits: 1, References: 7