45 matches found
rsyslog: Heap-based overflow in TCP syslog server
A flaw was found in rsyslog's reception TCP modules. This flaw allows an attacker to craft a malicious message leading to a heap-based buffer overflow. This issue allows the attacker to corrupt or access data stored in memory, leading to a denial of service in the rsyslog or possible remote code...
CVE-2021-32801
Nextcloud server is an open source, self hosted personal cloud. In affected versions logging of exceptions may have resulted in logging potentially sensitive key material for the Nextcloud Encryption-at-Rest functionality. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4...
Code injection
Nextcloud server is an open source, self hosted personal cloud. In affected versions logging of exceptions may have resulted in logging potentially sensitive key material for the Nextcloud Encryption-at-Rest functionality. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4...
CVE-2021-32801 Exceptions may have logged Encryption-at-Rest key content in Nextcloud server
Nextcloud server is an open source, self hosted personal cloud. In affected versions logging of exceptions may have resulted in logging potentially sensitive key material for the Nextcloud Encryption-at-Rest functionality. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4...
Cisco Firepower Threat Defense Software VPN System Logging DoS (cisco-sa-ftd-dos-Rdpe34sd8)
According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a vulnerability in the VPN System Logging functionality due to the system memory not being properly freed for a VPN System Logging event generated when a VPN session is created or deleted. An...
The vulnerability of the VPN System Logging function in Cisco Firepower Threat Defense’s microprogramming-based network interface devices allows a intruder to trigger a service failure.
The vulnerability of the VPN System Logging function in Cisco Firepower Threat Defense FTD microprogramming systems is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
CVE-2020-3189
A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability...
Design/Logic Flaw
A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability...
CVE-2020-3189 Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerability
A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability...
CVE-2020-3189 Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerability
A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability...
CVE-2020-3189
CVE-2020-3189 affects Cisco Firepower Threat Defense (FTD) Software VPN System Logging. Root cause: memory not properly freed for VPN System Logging events when a VPN session is created or deleted, allowing a remote, unauthenticated attacker to repeatedly create/delete VPN tunnels to leak memory ...
Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerability
A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability...
CVE-2019-19451
When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's...
PT-2019-15841 · Gnome +3 · Gnome Dia +3
Name of the Vulnerable Software and Affected Versions: GNOME Dia versions prior to 2019-11-27 Description: The issue occurs when GNOME Dia is launched with a filename argument that is not a valid codepoint in the current encoding, causing it to enter an endless loop and write text to stdout. If...
CVE-2017-12315
A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...
Design/Logic Flaw
A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...
CVE-2017-12315
A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...
CVE-2017-12315
CVE-2017-12315 affects Cisco HyperFlex System: the vulnerability is in the system logging path during replication configuration, where sensitive information is not properly masked in log files. An authenticated, local attacker (administrative user) could view restricted information in the system ...
Cisco HyperFlex System Authenticated Information Disclosure Vulnerability
A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...
[SECURITY] Fedora 21 Update: sysklogd-1.5-18.fc21
The sysklogd package contains two system utilities syslogd and klogd which provide support for system logging. Syslogd and klogd run as daemons background processes and log system messages to different places, like sendmail logs, security logs, error logs, etc...