
1636 matches found

NVD
added 2022/09/07 2:15 p.m., 8 views

CVE-2022-37108

An injection vulnerability in the syslog-ng configuration wizard in Securonix Snypr 6.4 allows an application user with the "Manage Ingesters" permission to execute arbitrary code on remote ingesters by appending arbitrary text to text files that are executed by the system, such as users' crontab...

8.7 CVSS, 0.0117 EPSS
Exploits: 1, References: 1

Prion
added 2022/09/07 2:15 p.m., 9 views

Design/Logic Flaw

An injection vulnerability in the syslog-ng configuration wizard in Securonix Snypr 6.4 allows an application user with the "Manage Ingesters" permission to execute arbitrary code on remote ingesters by appending arbitrary text to text files that are executed by the system, such as users' crontab...

5.8 CVSS, 7.3 AI score, 0.0117 EPSS
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2022/09/07 1:6 p.m., 13 views

CVE-2022-37108

An injection vulnerability in the syslog-ng configuration wizard in Securonix Snypr 6.4 allows an application user with the "Manage Ingesters" permission to execute arbitrary code on remote ingesters by appending arbitrary text to text files that are executed by the system, such as users' crontab...

8.7 CVSS, 9 AI score, 0.0117 EPSS
Exploits: 1, References: 1

CNNVD
added 2022/09/07 12:0 a.m., 4 views

Securonix SNYPR Injection Vulnerability

Securonix SNYPR is an open, modular, next-generation security intelligence platform from Securonix, Inc. that combines log management, security information and events. A security vulnerability exists in Securonix SNYPR version 6.4, which stems from the syslog-ng configuration wizard that allows a...

8.7 CVSS, 7.7 AI score, 0.0117 EPSS
Exploits: 1, References: 2

RedhatCVE
added 2022/09/01 2:58 p.m., 42 views

CVE-2022-39046

A flaw was found in the glibc package. If the Syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...

5.3 CVSS, 2.1 AI score, 0.00685 EPSS
Exploits: 3, References: 4

NVD
added 2022/08/31 6:15 a.m., 20 views

CVE-2022-39046

An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...

7.5 CVSS, 0.00685 EPSS
Exploits: 3, References: 7

OSV
added 2022/08/31 6:15 a.m., 27 views

CVE-2022-39046

An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...

5.3 CVSS, 7 AI score
Exploits: 0, References: 7

ATTACKERKB
added 2022/08/31 6:15 a.m., 2 views

CVE-2022-39046

An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...

7.5 CVSS, 6.6 AI score, 0.00685 EPSS
Exploits: 3, References: 8

UbuntuCve
added 2022/08/31 6:15 a.m., 50 views

CVE-2022-39046

An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...

7.5 CVSS, 6.7 AI score, 0.00685 EPSS
Exploits: 3, References: 2

Prion
added 2022/08/31 6:15 a.m., 27 views

Heap overflow

An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...

5 CVSS, 5.2 AI score, 0.00685 EPSS
Exploits: 3, References: 7, Affected Software: 1

OSV
added 2022/08/31 6:15 a.m., 0 views

UBUNTU-CVE-2022-39046

An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...

7.5 CVSS, 6.7 AI score, 0.00685 EPSS
Exploits: 3, References: 3

CNNVD
added 2022/08/31 12:0 a.m., 1 views

GNU C Library Log Information Disclosure Vulnerability

The GNU C Library glibc, libc6 is an open-source, free C language compiler released under the LGPL license. A security vulnerability exists in GNU C Library glibc version 2.36, which stems from the fact that when the syslog function is passed a carefully crafted input string larger than 1024 byte...

7.5 CVSS, 6.8 AI score, 0.00685 EPSS
Exploits: 3, References: 5

Debian CVE
added 2022/08/31 12:0 a.m., 45 views

CVE-2022-39046

An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...

7.5 CVSS, 6.1 AI score, 0.00685 EPSS
Exploits: 3

CVE
added 2022/08/31 12:0 a.m., 451 views

CVE-2022-39046

CVE-2022-39046: In the GNU C Library (glibc) 2.36, passing a crafted input string larger than 1024 bytes to syslog reads uninitialized heap memory and writes it to the log, potentially exposing heap contents. This is the vulnerability described in multiple sources (NVD, OSV, Gentoo GLSA). Affect...

7.5 CVSS, 5.8 AI score, 0.00685 EPSS
Exploits: 3, References: 7, Affected Software: 1

CNNVD
added 2022/08/29 12:0 a.m., 2 views

syslog-ng Input Validation Error Vulnerability

One Identity syslog-ng is an open source log management solution from One Identity USA. The product supports log storage, log collection and troubleshooting. A security vulnerability exists in syslog-ng. An attacker exploits the vulnerability to trigger memory corruption via Timestamp Parser to...

7.5 CVSS, 6.8 AI score, 0.04916 EPSS
Exploits: 0, References: 11

GithubExploit
added 2022/08/11 3:6 p.m., 4 views

Exploit for Cross-site Scripting in Intelbras Ata_200_Firmware

CVE-2022-24654 PoC of CVE-2022-24654 - INTELBRAS ATA 200 Firm...

5.4 CVSS, 6.5 AI score, 0.02346 EPSS
Exploits: 2

Packet Storm
added 2022/08/11 12:0 a.m., 333 views

Intelbras ATA 200 Cross Site Scripting

Exploit Title: Intelbras ATA 200 Authenticated Stored XSS Date: 17/01/2022 Exploit Author: Leonardo Goncalves Vendor Homepage: https://www.intelbras.com/pt-br/adaptador-ip-para-telefones-analogicos-ata-200 Version: Firmware 74.19.10.21 1 Log in the equipment via your web browser 2 Go to Managemen...

7.4 AI score
Exploits: 0

Tenable Nessus
added 2022/07/29 12:0 a.m., 33 views

EulerOS 2.0 SP10 : rsyslog (EulerOS-SA-2022-2145)

According to the versions of the rsyslog package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted...

8.1 CVSS, 7.5 AI score, 0.00509 EPSS
Exploits: 0, References: 2

ATTACKERKB
added 2022/07/25 10:15 p.m., 1 views

CVE-2022-34571

An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the system key information and execute arbitrary commands via accessing the page syslog.shtml...

8 CVSS, 6.1 AI score, 0.0015 EPSS
Exploits: 1, References: 3

OSV
added 2022/07/25 10:15 p.m., 1 views

CVE-2022-34571

An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the system key information and execute arbitrary commands via accessing the page syslog.shtml...

8 CVSS, 7.5 AI score, 0.0015 EPSS
Exploits: 1, References: 2