
1636 matches found

OSV
added 2025/05/07 3:12 p.m. · 6 views

CVE-2024-47619 transport: TLS host name wildcard matching too lax

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

7.5 CVSS · 7.2 AI score · 0.00507 EPSS
Exploits 1 · References 7
Positive Technologies
added 2025/05/07 12:0 a.m. · 2 views

PT-2025-20232 · Syslog-Ng +1 · Syslog-Ng +1

Name of the Vulnerable Software and Affected Versions: syslog-ng versions prior to 4.8.2; syslog-ng version 3.28.1-2+deb11u2 and earlier for Debian 11 bullseye. Description: syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls wildcard match matches on certificates such as foo.*.bar...

7.5 CVSS · 7.1 AI score · 0.00507 EPSS
Exploits 1 · References 26
Positive Technologies
added 2025/05/07 12:0 a.m. · 1 views

PT-2025-20266 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software, affected versions not specified. Description: The issue is due to insufficient input validation in the web-based management interface, allowing an authenticated, low-privileged, remote attacker to perform an injection...

5.4 CVSS · 6.2 AI score · 0.00308 EPSS
Exploits 0 · References 5
CNNVD
added 2025/05/07 12:0 a.m. · 6 views

syslog-ng Security Vulnerability

syslog-ng is an enhanced logging daemon from the syslog-ng team. A wide range of input and output methods are supported: syslog, unstructured text, queues, SQL and NoSQL. A security vulnerability exists in syslog-ng versions prior to 4.8.2, which stems from the tls_wildcard_match function...

7.5 CVSS · 7.6 AI score · 0.00507 EPSS
Exploits 1 · References 6
OpenVAS
added 2025/05/07 12:0 a.m. · 2 views

Ensure That Rotation Is Enabled for Audit Logs

max_log_file_action decides the action taken when the size of a log file reaches the upper limit. By default, ROTATE is configured in openEuler, indicating that a new log file is created when the size of a log file reaches the upper limit and the original log file is not deleted. num_logs specifies t...

6.8 AI score
Exploits 0 · References 2
Citrix
added 2025/05/02 12:0 a.m. · 6 views

Support for Tunneling Syslog to On Premise Datacenter when using Adaptive Authentication on Cloud

Configure external syslog server when using Adaptive Authentication on Cloud...

7.2 AI score
Exploits 0
Citrix
added 2025/04/30 12:0 a.m. · 6 views

Application firewall Logs are not logged locally in NetScaler

NetScaler appfw logs are being forwarded to the syslog server as expected. However, the logs are not being logged or displayed in the local /var/log/ns.log. Config:
add audit syslogPolicy sysadv1 true sys1
bind audit syslogGlobal -policyName sysadv1 -priority 100 -globalBindType APPFWGLOBA
Before...

6.9 AI score
Exploits 0
OSV
added 2025/04/27 4:15 a.m. · 1 views

CVE-2025-3957

A vulnerability was found in opplus springboot-admin 1.0 and classified as critical. This issue affects some unknown processing of the file \src\main\resources\mapper\sys\SysLogDao.xml. The manipulation of the argument order leads to sql injection. The attack may be initiated remotely. The exploi...

9.8 CVSS · 5.8 AI score
Exploits 0 · References 4
CNNVD
added 2025/04/27 12:0 a.m. · 2 views

spring-boot-admin Injection Vulnerability

spring-boot-admin is an open source backend management system from codecentric, based on Spring Boot and Mybatis, with three functions (user management, menu management and role management) and permission control down to the button level. spring-boot-admin version 1.0 has injection vulnerabilities,...

9.8 CVSS · 7.1 AI score · 0.00224 EPSS
Exploits 1 · References 5
OSV
added 2025/04/09 8:15 p.m. · 0 views

CVE-2025-30649

An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240, MX480 and MX960 devices with MX-SPC3 Security Services Card allows an unauthenticated, network-based attacker to send specific spoofed packets to cause a CPU Denial of Service (DoS)...

8.7 CVSS · 5.8 AI score · 0.00297 EPSS
Exploits 0 · References 1
CNNVD
added 2025/04/09 12:0 a.m. · 1 views

Juniper Networks Junos OS Input Validation Error Vulnerability

Juniper Networks Junos OS is a Juniper Networks, Inc. network operating system dedicated to the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS suffers from an input validation error vulnerability that stems from improper...

8.7 CVSS · 6.5 AI score · 0.00297 EPSS
Exploits 0 · References 1
CNVD
added 2025/03/28 12:0 a.m. · 2 views

TOTOLINK A3000RU Access Control Error Vulnerability

The TOTOLINK A3000RU is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3000RU suffers from an Access Control Error vulnerability that originates from improper access control in the Syslog profile handling component in the file /cgi-bin/ExportSyslog.sh. No details of the...

5.3 CVSS · 4.5 AI score · 0.00068 EPSS
Exploits 1 · References 1
Citrix
added 2025/03/27 12:0 a.m. · 11 views

Netscaler sends Syslog messages for SSL Handshake with "\n"

Syslog messages sent from the NetScaler to the external Syslog Server include unexpected occurrences of "\n". Interestingly, a pattern is seen where "\n" appears periodically after every 6 messages or similar. Need to know if this is normal behavior or an issue...

7 AI score
Exploits 0
RedhatCVE
added 2025/03/26 6:35 a.m. · 6 views

CVE-2025-2688

A vulnerability classified as problematic was found in TOTOLINK A3000RU up to 5.9c.5185. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/ExportSyslog.sh of the component Syslog Configuration File Handler. The manipulation leads to improper access controls. The atta...

5.3 CVSS · 7.1 AI score · 0.00068 EPSS
Exploits 1 · References 1
NVD
added 2025/03/24 7:15 a.m. · 11 views

CVE-2025-2688

A vulnerability classified as problematic was found in TOTOLINK A3000RU up to 5.9c.5185. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/ExportSyslog.sh of the component Syslog Configuration File Handler. The manipulation leads to improper access controls. The atta...

5.3 CVSS · 0.00068 EPSS
Exploits 1 · References 5
OSV
added 2025/03/24 7:15 a.m. · 0 views

CVE-2025-2688

A vulnerability classified as problematic was found in TOTOLINK A3000RU up to 5.9c.5185. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/ExportSyslog.sh of the component Syslog Configuration File Handler. The manipulation leads to improper access controls. The atta...

5.3 CVSS · 4.8 AI score
Exploits 0 · References 5
Vulnrichment
added 2025/03/24 6:31 a.m. · 5 views

CVE-2025-2688 TOTOLINK A3000RU Syslog Configuration File ExportSyslog.sh access control

A vulnerability classified as problematic was found in TOTOLINK A3000RU up to 5.9c.5185. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/ExportSyslog.sh of the component Syslog Configuration File Handler. The manipulation leads to improper access controls. The atta...

5.3 CVSS · 7 AI score · 0.00068 EPSS
Exploits 1 · References 5
Cvelist
added 2025/03/24 6:31 a.m. · 9 views

CVE-2025-2688 TOTOLINK A3000RU Syslog Configuration File ExportSyslog.sh access control

A vulnerability classified as problematic was found in TOTOLINK A3000RU up to 5.9c.5185. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/ExportSyslog.sh of the component Syslog Configuration File Handler. The manipulation leads to improper access controls. The atta...

5.3 CVSS · 0.00068 EPSS
Exploits 1 · References 5
CNNVD
added 2025/03/24 12:0 a.m. · 1 views

TOTOLINK A3000RU Security Vulnerability

The TOTOLINK A3000RU is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3000RU suffers from an Access Control Error vulnerability that originates from improper access control in the Syslog profile handling component in the file /cgi-bin/ExportSyslog.sh. No details of the...

5.3 CVSS · 6.8 AI score · 0.00068 EPSS
Exploits 1 · References 5
Positive Technologies
added 2025/03/17 12:0 a.m. · 3 views

PT-2025-12563 · Totolink · Totolink A3000Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3000RU versions up to 5.9c.5185. Description: A problematic issue was found in the Syslog Configuration File Handler component, specifically in the file /cgi-bin/ExportSyslog.sh. This issue leads to improper access controls. The atta...

5.3 CVSS · 4.3 AI score · 0.00068 EPSS
Exploits 1 · References 12