MiracleLinux 7 : rsyslog-8.24.0-57.el7.3 (AXSA:2022-3197:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3197:02 advisory. rsyslog: Heap-based overflow in TCP syslog server CVE-2022-24903 Tenable has extracted the preceding description block directly from the MiracleLinux securit...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002526)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002526 advisory. The logprefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local use...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002522)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002522 advisory. The logprefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local use...

MiracleLinux 4 : rsyslog-4.6.2-3.AXS4.2 (AXSA:2011-613:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-613:01 advisory. Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine...

CVE-2008-6058

Syslserve 1.058 and earlier, and probably 1.059, allows remote attackers to cause a denial of service hang via a crafted UDP Syslog packet...

(0Day) ALGO 8180 IP Audio Alerter Web UI Persistent Cross-Site Scripting Vulnerability

This vulnerability allows remote attackers to execute web requests with a target user's privileges on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the functionality for viewing the syslo...

CVE-1999-0566

An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities...

CVE-1999-0063

Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port...

CVE-1999-0171

Denial of service in syslog by sending it a large number of superfluous messages...

CVE-1999-0099

Buffer overflow in syslog utility allows local or remote attackers to gain root privileges...

Elastic Beats filebeat 7.0.x < 8.19.9 / 9.0.x < 9.1.9 / 9.2.x 9.2.3 Multiple Vulnerabilities

The version of Elastic Beats filebeat installed on the remote host is 7.0.x prior to 8.19.9, 9.0.x prior to 9.1.9, 9.2.x prior to 9.2.3. It is, therefore, affected by multiple vulnerabilities. - Improper Bounds Check CWE-787 in Packetbeat can allow a remote unauthenticated attacker to exploit a...

CVE-2025-68383

Improper Validation of Specified Index, Position, or Offset in Input CWE-1285 in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow CAPEC-100 and cause a denial of service panic/crash of the Filebeat process via either a malformed Syslog message...

Improper Validation of Specified Quantity in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input via the Syslog parser or the Dissect configuration processor. An attacker can cause a denial of service by sending a malformed Syslog message or crafting a malicious tokenizer pattern...

EUVD-2025-204418

Filebeat Beats has Buffer Overflow via Malformed Syslog Message or Malicious Tokenizer Pattern in Dissect Configuration...

Filebeat Beats has Buffer Overflow via Malformed Syslog Message or Malicious Tokenizer Pattern in Dissect Configuration

Improper Validation of Specified Index, Position, or Offset in Input CWE-1285 in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow CAPEC-100 and cause a denial of service panic/crash of the Filebeat process via either a malformed Syslog message...

GHSA-2MJ3-6GRC-PX38 Filebeat Beats has Buffer Overflow via Malformed Syslog Message or Malicious Tokenizer Pattern in Dissect Configuration

Improper Validation of Specified Index, Position, or Offset in Input CWE-1285 in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow CAPEC-100 and cause a denial of service panic/crash of the Filebeat process via either a malformed Syslog message...

CVE-2025-68383

Improper Validation of Specified Index, Position, or Offset in Input CWE-1285 in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow CAPEC-100 and cause a denial of service panic/crash of the Filebeat process via either a malformed Syslog message...

CVE-2025-68383

Improper Validation of Specified Index, Position, or Offset in Input CWE-1285 in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow CAPEC-100 and cause a denial of service panic/crash of the Filebeat process via either a malformed Syslog message...

CVE-2025-68383 Filebeat Improper Validation of Specified Index, Position, or Offset in Input

Improper Validation of Specified Index, Position, or Offset in Input CWE-1285 in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow CAPEC-100 and cause a denial of service panic/crash of the Filebeat process via either a malformed Syslog message...

CVE-2025-68383 Filebeat Improper Validation of Specified Index, Position, or Offset in Input

Improper Validation of Specified Index, Position, or Offset in Input CWE-1285 in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow CAPEC-100 and cause a denial of service panic/crash of the Filebeat process via either a malformed Syslog message...