1660 matches found
CVE-2022-38725
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...
Integer overflow
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...
UBUNTU-CVE-2022-38725
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...
CVE-2022-38725
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...
CVE-2022-38725
The CVE-2022-38725 issue is an integer overflow in the RFC3164 parser of One Identity syslog-ng 3.0 through 3.37, leading to Denial of Service when processing crafted syslog input. Affected products also include syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0. Multiple connected s...
CVE-2022-38725
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...
CVE-2022-38725
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...
CVE-2022-38725
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...
Design/Logic Flaw
An Uncontrolled Resource Consumption vulnerability in the PFE management daemon evo-pfemand of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause an FPC crash leading to a Denial of Service DoS. When a specific SNMP GET operation or a specific CLI command...
CVE-2023-22400
CVE-2023-22400 affects Juniper Networks Junos OS Evolved (evo-pfemand) and can cause an FPC crash/DoS due to a GUID leak triggered by specific SNMP GETs or CLI commands. Affected families include all versions before 20.4R3-S3-EVO; 21.1-EVO (21.1R1-EVO and later); all versions before 21.2R3-S4-EVO...
[SECURITY] Fedora 37 Update: golang-github-graylog2-gelf-2.0.0-6.20201111git1550ee6.fc37
GELF Graylog Extended Log Format is an application-level logging protocol t hat avoids many of the shortcomings of syslog. While it can be run over any stream or datagram transport protocol, it has special support chunking to allow lo ng messages to be split over multiple datagrams...
PT-2023-7985 · One Identity +3 · Syslog-Ng +5
Name of the Vulnerable Software and Affected Versions: One Identity syslog-ng versions 3.0 through 3.37 syslog-ng Premium Edition version 7.0.30 syslog-ng Store Box version 6.10.0 Description: The issue is related to an integer overflow in the RFC3164 parser, which can be exploited by remote...
NewStart CGSL CORE 5.04 / MAIN 5.04 : rsyslog Vulnerability (NS-SA-2022-0103)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has rsyslog packages installed that are affected by a vulnerability: - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is use...
CVE-2020-23593
A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OPV3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross site request forgery CSRF attack to enable syslog mode through ' /mgmlogcfg.asp.' The system starts to log events, 'Remote' mode or 'Both...
CVE-2020-23593
A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OPV3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross site request forgery CSRF attack to enable syslog mode through ' /mgmlogcfg.asp.' The system starts to log events, 'Remote' mode or 'Both...
Cross site request forgery (csrf)
A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OPV3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross site request forgery CSRF attack to enable syslog mode through ' /mgmlogcfg.asp.' The system starts to log events, 'Remote' mode or 'Both...
CVE-2020-23593
A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OPV3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross site request forgery CSRF attack to enable syslog mode through ' /mgmlogcfg.asp.' The system starts to log events, 'Remote' mode or 'Both...
Optilink Network OP-XT71000N 跨站请求伪造漏洞
The Optilink Network OP-XT71000N is a wireless router from Optilink Network India. A cross-site request forgery vulnerability exists in the Optilink Network OP-XT71000N version V2.2, which stems from the fact that it allows an unauthenticated, remote attacker to enable syslog mode via...
CVE-2020-23593
CVE-2020-23593 affects OPTILINK OP-XT71000N hardware (V2.2) with firmware OP_V3.3.1-191028. A CSRF vulnerability allows an unauthenticated, remote attacker to enable syslog mode via the page /mgm_log_cfg.asp. When triggered, the device begins logging events in either Remote or Both mode and trans...
CVE-2020-23593
A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OPV3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross site request forgery CSRF attack to enable syslog mode through ' /mgmlogcfg.asp.' The system starts to log events, 'Remote' mode or 'Both...