Fedora 41 : syslog-ng (2025-0fc3d8b7bf)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-0fc3d8b7bf advisory. update to 4.8.2 to fix CVE-2024-47619 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...

Important Photon OS Security Update - PHSA-2025-4.0-0800

Updates of 'syslog-ng' packages of Photon OS have been released...

CBL Mariner 2.0 Security Update: syslog-ng (CVE-2024-47619)

The version of syslog-ng installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47619 advisory. - syslog-ng is an enhanced log daemo. Prior to version 4.8.2, tlswildcardmatch matches on certificates such...

Azure Linux 3.0 Security Update: syslog-ng (CVE-2024-47619)

The version of syslog-ng installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47619 advisory. - syslog-ng is an enhanced log daemo. Prior to version 4.8.2, tlswildcardmatch matches on certificates such...

CVE-2024-47619 affecting package syslog-ng for versions less than 3.33.2-8

CVE-2024-47619 affecting package syslog-ng for versions less than 3.33.2-8. A patched version of the package is available...

CVE-2024-47619 affecting package syslog-ng for versions less than 4.3.1-3

CVE-2024-47619 affecting package syslog-ng for versions less than 4.3.1-3. A patched version of the package is available...

Alibaba Cloud Linux 3 : 0137: rsyslog (ALINUX3-SA-2022:0137)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0137 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-24903: Rsyslog is a rocket-fast system for...

Photon OS 5.0: Syslog PHSA-2025-5.0-0521

An update of the syslog package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0521. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

php: PHP-FPM Log Manipulation Vulnerability

A flaw was found in PHP-FPM, the FastCGI Process Manager. This vulnerability can allow an attacker to manipulate or remove up to 4 characters from log messages via crafted log content, potentially polluting or altering the final log. If PHP-FPM is configured to use syslog output, further log data...

Critical Photon OS Security Update - PHSA-2025-5.0-0521

Updates of 'syslog-ng', 'linux-esx', 'linux' packages of Photon OS have been released...

CVE-2025-20194

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this...

SUSE CVE-2024-47619

syslog-ng is an enhanced log daemo. Prior to version 4.8.2, tlswildcardmatch matches on certificates such as foo..bar although that is not allowed. It is also possible to pass partial wildcards such as foo.ac.bar which glib matches but should be avoided / invalidated. This issue could have an...

rsyslog bug fix update

An update is available for rsyslog. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It...

CVE-2025-20194

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this...

CVE-2025-20194

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this...

CVE-2025-20194

Cisco IOS XE Software Web-Based Management Interface vulnerability (CVE-2025-20194) affects Cisco IOS XE: an authenticated, low-privileged, remote attacker can exploit insufficient input validation in the web UI to perform an injection attack. Consequences described include reading limited files ...

AZL-61731 CVE-2024-47619 affecting package syslog-ng for versions less than 3.33.2-8

syslog-ng is an enhanced log daemo. Prior to version 4.8.2, tlswildcardmatch matches on certificates such as foo..bar although that is not allowed. It is also possible to pass partial wildcards such as foo.ac.bar which glib matches but should be avoided / invalidated. This issue could have an...

AZL-61729 CVE-2024-47619 affecting package syslog-ng for versions less than 4.3.1-3

syslog-ng is an enhanced log daemo. Prior to version 4.8.2, tlswildcardmatch matches on certificates such as foo..bar although that is not allowed. It is also possible to pass partial wildcards such as foo.ac.bar which glib matches but should be avoided / invalidated. This issue could have an...

DEBIAN-CVE-2024-47619

syslog-ng is an enhanced log daemo. Prior to version 4.8.2, tlswildcardmatch matches on certificates such as foo..bar although that is not allowed. It is also possible to pass partial wildcards such as foo.ac.bar which glib matches but should be avoided / invalidated. This issue could have an...

CVE-2024-47619

syslog-ng is an enhanced log daemo. Prior to version 4.8.2, tlswildcardmatch matches on certificates such as foo..bar although that is not allowed. It is also possible to pass partial wildcards such as foo.ac.bar which glib matches but should be avoided / invalidated. This issue could have an...