Lucene search
K

45 matches found

RedHat Linux
RedHat Linux
added 2022/07/01 12:52 a.m.5 views

rsyslog: Heap-based overflow in TCP syslog server

A flaw was found in rsyslog's reception TCP modules. This flaw allows an attacker to craft a malicious message leading to a heap-based buffer overflow. This issue allows the attacker to corrupt or access data stored in memory, leading to a denial of service in the rsyslog or possible remote code...

8.1CVSS8AI score0.03821EPSS
Exploits0References5
OSV
OSV
added 2021/09/07 10:15 p.m.22 views

CVE-2021-32801

Nextcloud server is an open source, self hosted personal cloud. In affected versions logging of exceptions may have resulted in logging potentially sensitive key material for the Nextcloud Encryption-at-Rest functionality. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4...

5.5CVSS6.5AI score
Exploits0References4
Prion
Prion
added 2021/09/07 10:15 p.m.20 views

Code injection

Nextcloud server is an open source, self hosted personal cloud. In affected versions logging of exceptions may have resulted in logging potentially sensitive key material for the Nextcloud Encryption-at-Rest functionality. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4...

2.1CVSS5.6AI score0.00239EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2021/09/07 9:40 p.m.31 views

CVE-2021-32801 Exceptions may have logged Encryption-at-Rest key content in Nextcloud server

Nextcloud server is an open source, self hosted personal cloud. In affected versions logging of exceptions may have resulted in logging potentially sensitive key material for the Nextcloud Encryption-at-Rest functionality. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4...

5.5CVSS7.6AI score0.00239EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/06/18 12:0 a.m.23 views

Cisco Firepower Threat Defense Software VPN System Logging DoS (cisco-sa-ftd-dos-Rdpe34sd8)

According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a vulnerability in the VPN System Logging functionality due to the system memory not being properly freed for a VPN System Logging event generated when a VPN session is created or deleted. An...

8.6CVSS8AI score0.01795EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/05/15 12:0 a.m.4 views

The vulnerability of the VPN System Logging function in Cisco Firepower Threat Defense’s microprogramming-based network interface devices allows a intruder to trigger a service failure.

The vulnerability of the VPN System Logging function in Cisco Firepower Threat Defense FTD microprogramming systems is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

8.6CVSS7.6AI score0.01795EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/05/06 5:15 p.m.3 views

CVE-2020-3189

A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability...

8.6CVSS7.3AI score
Exploits0References1
Prion
Prion
added 2020/05/06 5:15 p.m.28 views

Design/Logic Flaw

A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability...

5CVSS8.4AI score0.01795EPSS
Exploits0References1Affected Software13
Cvelist
Cvelist
added 2020/05/06 4:41 p.m.31 views

CVE-2020-3189 Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerability

A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability...

8.6CVSS8.6AI score0.01795EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/05/06 4:41 p.m.13 views

CVE-2020-3189 Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerability

A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability...

8.6CVSS7.1AI score0.01795EPSS
Exploits0References1
CVE
CVE
added 2020/05/06 4:41 p.m.73 views

CVE-2020-3189

CVE-2020-3189 affects Cisco Firepower Threat Defense (FTD) Software VPN System Logging. Root cause: memory not properly freed for VPN System Logging events when a VPN session is created or deleted, allowing a remote, unauthenticated attacker to repeatedly create/delete VPN tunnels to leak memory ...

8.6CVSS8.5AI score0.01795EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2020/05/06 4:0 p.m.42 views

Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerability

A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability...

8.6CVSS8.7AI score0.01795EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2019/11/29 10:54 p.m.15 views

CVE-2019-19451

When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's...

5.5CVSS5.5AI score0.0037EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2019/11/29 12:0 a.m.3 views

PT-2019-15841 · Gnome +3 · Gnome Dia +3

Name of the Vulnerable Software and Affected Versions: GNOME Dia versions prior to 2019-11-27 Description: The issue occurs when GNOME Dia is launched with a filename argument that is not a valid codepoint in the current encoding, causing it to enter an endless loop and write text to stdout. If...

5.5CVSS5.2AI score0.0037EPSS
Exploits0References32
NVD
NVD
added 2017/11/16 7:29 a.m.30 views

CVE-2017-12315

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

6CVSS5.7AI score0.00326EPSS
Exploits0References2
Prion
Prion
added 2017/11/16 7:29 a.m.15 views

Design/Logic Flaw

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

2.1CVSS5.7AI score0.00326EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/11/16 7:0 a.m.22 views

CVE-2017-12315

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

5.7AI score0.00326EPSS
Exploits0References2
CVE
CVE
added 2017/11/16 7:0 a.m.61 views

CVE-2017-12315

CVE-2017-12315 affects Cisco HyperFlex System: the vulnerability is in the system logging path during replication configuration, where sensitive information is not properly masked in log files. An authenticated, local attacker (administrative user) could view restricted information in the system ...

6CVSS5.6AI score0.00326EPSS
Exploits0References2Affected Software1
Cisco
Cisco
added 2017/11/15 4:0 p.m.46 views

Cisco HyperFlex System Authenticated Information Disclosure Vulnerability

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

6CVSS5.7AI score0.00326EPSS
Exploits0References1
Fedora
Fedora
added 2014/11/01 4:26 p.m.32 views

[SECURITY] Fedora 21 Update: sysklogd-1.5-18.fc21

The sysklogd package contains two system utilities syslogd and klogd which provide support for system logging. Syslogd and klogd run as daemons background processes and log system messages to different places, like sendmail logs, security logs, error logs, etc...

7.5CVSS1.9AI score0.07546EPSS
Exploits1
Rows per page
Query Builder