Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1637 matches found

Debian CVE
Debian CVEadded 2022/05/05 12:0 a.m.70 views

CVE-2022-24903

Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code...

8.1CVSS7.6AI score0.00509EPSS
Exploits0
Cvelist
Cvelistadded 2022/05/05 12:0 a.m.19 views

CVE-2022-24903 Buffer overflow in TCP syslog server (receiver) components in rsyslog

Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code...

8.1CVSS8.8AI score0.00509EPSS
Exploits0References6
OSV
OSVadded 2022/05/05 12:0 a.m.32 views

CVE-2022-24903 Buffer overflow in TCP syslog server (receiver) components in rsyslog

Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code...

8.1CVSS7.5AI score0.00509EPSS
Exploits0References8
AlpineLinux
AlpineLinuxadded 2022/05/05 12:0 a.m.44 views

CVE-2022-24903

Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code...

8.1CVSS8.8AI score0.00509EPSS
Exploits0
CVE
CVEadded 2022/05/05 12:0 a.m.445 views

CVE-2022-24903

CVE-2022-24903 affects rsyslog TCP syslog reception modules, where heap-based overflow can occur when octet-counted framing is enabled. The root cause is that during parsing the octet count, digits are written to a heap buffer even if the count exceeds the maximum, allowing memory overrun; once t...

8.1CVSS8.7AI score0.00509EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichmentadded 2022/05/05 12:0 a.m.4 views

CVE-2022-24903 Buffer overflow in TCP syslog server (receiver) components in rsyslog

Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code...

8.1CVSS8.6AI score0.00509EPSS
Exploits0References6
FreeBSD
FreeBSDadded 2022/05/05 12:0 a.m.44 views

rsyslog8 -- heap buffer overflow on receiving TCP syslog

Rainer Gerhards reports: Modules for TCP syslog reception have a heap buffer overflow when octet-counted framing is used. The attacker can corrupt heap values, leading to data integrity issues and availability impact. Remote code execution is unlikely to happen but not impossible...

8.1CVSS3.5AI score0.00509EPSS
Exploits0References1
Citrix
Citrixadded 2022/03/27 12:0 a.m.7 views

Citrix-ADM using localhost IP 127.0.0.1 to send syslog traffic to Splunk server

Citrix-ADM 13.0 76.29 is noted to be using localhost IP to send Syslog traffic instead of ADM IP to external Syslog server. As a result, Citrix ADM is not able to send the Syslog traffic to Splunk server successfully as seen below. A tcpdump on Citrix ADM also shows traffic is generated and sent...

7AI score
Exploits0
Kitploit
Kitploitadded 2022/03/18 8:30 p.m.18 views

S1EM - This Project Is A SIEM With SIRP And Threat Intel, All In One

Today, cyber attacks are more numerous and cause damage in companies. Nevertheless, many software products exist to detect cyber threats. The S1EM solution is based on the principle of bringing together the best products in their field, free of charge, and making them quickly interoperable. S1EM ...

7.4AI score
Exploits0References34
Citrix
Citrixadded 2022/03/01 12:0 a.m.5 views

How to send Application Firewall messages to a separate syslog server

This article describes how to send Application Firewall messages to a separate Syslog Server. Requirements A secure Filetransfer utility such as WinSCP A utility to open a SSH console to the appliance such as PuTTY...

7AI score
Exploits0
0day.today
0day.todayadded 2022/02/14 12:0 a.m.251 views

Slurp 1.10.2 Format String Vulnerability

Exploit Title: Slurp 1.10.2 - Remote Format String Date: 2022-02-12 Author: Milad Karimi slurp is a freely available, open source NNTP client. It is designed for use on most Unix and Linux operating systems. It may be possible for a remote server to execute code on a vulnerable client. slurp offe...

7.4AI score
Exploits0
OpenVAS
OpenVASadded 2022/01/28 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2018-0047)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.2AI score0.04711EPSS
Exploits0References6
OpenVAS
OpenVASadded 2021/12/23 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2021:4147-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6CVSS6.4AI score0.00274EPSS
Exploits0References26
OSV
OSVadded 2021/11/19 12:15 a.m.0 views

CVE-2021-40130

A vulnerability in the web application of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to specify non-log files as sources for syslog reporting. This vulnerability is due to improper restriction of the syslog configuration. An attacker could exploit...

4.9CVSS5.8AI score
Exploits0References1
NVD
NVDadded 2021/11/19 12:15 a.m.11 views

CVE-2021-40130

A vulnerability in the web application of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to specify non-log files as sources for syslog reporting. This vulnerability is due to improper restriction of the syslog configuration. An attacker could exploit...

4.9CVSS0.00182EPSS
Exploits0References1
Prion
Prionadded 2021/11/19 12:15 a.m.9 views

Design/Logic Flaw

A vulnerability in the web application of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to specify non-log files as sources for syslog reporting. This vulnerability is due to improper restriction of the syslog configuration. An attacker could exploit...

4CVSS5AI score0.00182EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2021/11/18 11:50 p.m.14 views

CVE-2021-40130 Cisco Common Services Platform Collector Improper Logging Restriction Vulnerability

A vulnerability in the web application of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to specify non-log files as sources for syslog reporting. This vulnerability is due to improper restriction of the syslog configuration. An attacker could exploit...

4.9CVSS5.4AI score0.00182EPSS
Exploits0References1
CVE
CVEadded 2021/11/18 11:50 p.m.43 views

CVE-2021-40130

CVE-2021-40130 affects Cisco Common Services Platform Collector (CSPC) via the web application. The vulnerability arises from improper restriction of the syslog configuration, allowing an authenticated, remote attacker to configure non-log files as sources for syslog reporting. This could let the...

4.9CVSS5AI score0.00182EPSS
Exploits0References1Affected Software1
Cisco
Ciscoadded 2021/11/17 4:0 p.m.33 views

Cisco Common Services Platform Collector Improper Logging Restriction Vulnerability

A vulnerability in the web application of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to specify non-log files as sources for syslog reporting. This vulnerability is due to improper restriction of the syslog configuration. An attacker could exploit...

4.9CVSS5AI score0.00182EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2021/11/17 12:0 a.m.1 views

PT-2021-4851 · Cisco · Cisco Common Services Platform Collector

Name of the Vulnerable Software and Affected Versions: Cisco Common Services Platform Collector CSPC affected versions not specified Description: A vulnerability in the web application of Cisco Common Services Platform Collector could allow an authenticated, remote attacker to specify non-log fil...

6.1CVSS4.7AI score0.00182EPSS
Exploits0References7
Rows per page
Query Builder