1636 matches found
CVE-1999-0566
An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities...
CVE-1999-0063
Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port...
CVE-1999-0171
Denial of service in syslog by sending it a large number of superfluous messages...
CVE-1999-0099
Buffer overflow in syslog utility allows local or remote attackers to gain root privileges...
Elastic Beats filebeat 7.0.x < 8.19.9 / 9.0.x < 9.1.9 / 9.2.x 9.2.3 Multiple Vulnerabilities
The version of Elastic Beats filebeat installed on the remote host is 7.0.x prior to 8.19.9, 9.0.x prior to 9.1.9, 9.2.x prior to 9.2.3. It is, therefore, affected by multiple vulnerabilities. - Improper Bounds Check CWE-787 in Packetbeat can allow a remote unauthenticated attacker to exploit a...
CVE-2025-68383
Improper Validation of Specified Index, Position, or Offset in Input CWE-1285 in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow CAPEC-100 and cause a denial of service panic/crash of the Filebeat process via either a malformed Syslog message...
Improper Validation of Specified Quantity in Input
Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input via the Syslog parser or the Dissect configuration processor. An attacker can cause a denial of service by sending a malformed Syslog message or crafting a malicious tokenizer pattern...
GHSA-2MJ3-6GRC-PX38 Filebeat Beats has Buffer Overflow via Malformed Syslog Message or Malicious Tokenizer Pattern in Dissect Configuration
Improper Validation of Specified Index, Position, or Offset in Input CWE-1285 in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow CAPEC-100 and cause a denial of service panic/crash of the Filebeat process via either a malformed Syslog message...
Filebeat Beats has Buffer Overflow via Malformed Syslog Message or Malicious Tokenizer Pattern in Dissect Configuration
Improper Validation of Specified Index, Position, or Offset in Input CWE-1285 in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow CAPEC-100 and cause a denial of service panic/crash of the Filebeat process via either a malformed Syslog message...
EUVD-2025-204418
Filebeat Beats has Buffer Overflow via Malformed Syslog Message or Malicious Tokenizer Pattern in Dissect Configuration...
CVE-2025-68383
Improper Validation of Specified Index, Position, or Offset in Input CWE-1285 in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow CAPEC-100 and cause a denial of service panic/crash of the Filebeat process via either a malformed Syslog message...
CVE-2025-68383
Improper Validation of Specified Index, Position, or Offset in Input CWE-1285 in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow CAPEC-100 and cause a denial of service panic/crash of the Filebeat process via either a malformed Syslog message...
CVE-2025-68383 Filebeat Improper Validation of Specified Index, Position, or Offset in Input
Improper Validation of Specified Index, Position, or Offset in Input CWE-1285 in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow CAPEC-100 and cause a denial of service panic/crash of the Filebeat process via either a malformed Syslog message...
CVE-2025-68383 Filebeat Improper Validation of Specified Index, Position, or Offset in Input
Improper Validation of Specified Index, Position, or Offset in Input CWE-1285 in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow CAPEC-100 and cause a denial of service panic/crash of the Filebeat process via either a malformed Syslog message...
PT-2025-52365
Name of the Vulnerable Software and Affected Versions Filebeat affected versions not specified Libbeat affected versions not specified Description A flaw exists in the Syslog parser within Filebeat and the Dissect processor in Libbeat that allows for improper validation of input indexes, position...
Siemens SIPROTEC Inadequate Encryption Strength (CVE-2024-38867)
The affected devices are supporting weak ciphers on several ports 443/tcp for web, 4443/tcp for DIGSI 5 and configurable port for syslog over TLS. This could allow an unauthorized attacker in a man-in-the-middle position to decrypt any data passed over to and from those ports. This plugin only...
EUVD-2025-175340
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub432F60 function in prog.cgi stores user-supplied SetSysLogSettings/IPAddress values in NVRAM via nvramsafeset"SysLogRemoteIPAddress", .... These values are...
CVE-2025-60698
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub432F60 function in prog.cgi stores user-supplied SetSysLogSettings/IPAddress values in NVRAM via nvramsafeset"SysLogRemoteIPAddress", .... These values are...
CVE-2025-60698
The CVE-2025-60698 issue affects D-Link DIR-882 router firmware DIR882A1_FW102B02, where SetSysLogSettings/IPAddress stored in NVRAM via nvram_safe_set can be read and concatenated into a shell command executed by twsystem() in the rc binary. The root cause is un-sanitized retrieval of nvram valu...
Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2023-6779)
An off-by-one heap-based buffer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INTMAX bytes, leading to an incorrect calculation of t...