Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oneidentity syslog-ng vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1200
Balabit Syslog-NG 1.4.x prior to 1.4.15, and 1.5.x prior to 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote malicious users to cause a denial of serv...
Oneidentity Syslog-ng 1.4.0
Oneidentity Syslog-ng 1.4.7
Oneidentity Syslog-ng 1.4.8
Oneidentity Syslog-ng 1.4.9
Oneidentity Syslog-ng 1.4.10
Oneidentity Syslog-ng 1.4.15
Oneidentity Syslog-ng 1.5.15
Oneidentity Syslog-ng 1.5.20
NA
CVE-2011-0343
Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to t...
Oneidentity Syslog-ng 2.0
Oneidentity Syslog-ng 3.0
Oneidentity Syslog-ng 3.1
Oneidentity Syslog-ng 3.2
7.5
CVSSv3
CVE-2022-38725
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 up to and including 3.37 allows remote malicious users to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng S...
Oneidentity Syslog-ng Store Box
Oneidentity Syslog-ng
7.8
CVSSv3
CVE-2020-8019
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Module for Legacy Software 12, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Ente...
Oneidentity Syslog-ng
NA
CVE-2011-1951
lib/logmatcher.c in Balabit syslog-ng prior to 3.2.4, when the global flag is set and when using PCRE 8.12 and possibly other versions, allows remote malicious users to cause a denial of service (memory consumption) via a message that does not match a regular expression.
Oneidentity Syslog-ng
NA
CVE-2008-5110
syslog-ng does not call chdir when it calls chroot, which might allow malicious users to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9.
Oneidentity Syslog-ng
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started