Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rsyslog rsyslog vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2015-3243
rsyslog uses weak permissions for generating log files, which allows local users to obtain sensitive information by reading files in /var/log/cron.
Rsyslog Rsyslog -
NA
CVE-2014-3683
Integer overflow in rsyslog prior to 7.6.7 and 8.x prior to 8.4.2 and sysklogd 1.5 and previous versions allows remote malicious users to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-...
Rsyslog Rsyslog 8.3.5
Rsyslog Rsyslog 8.2.2
Rsyslog Rsyslog 8.2.1
Rsyslog Rsyslog 8.2.3
Rsyslog Rsyslog 8.1.6
Rsyslog Rsyslog 8.1.2
Rsyslog Rsyslog 8.1.1
Rsyslog Rsyslog 8.4.1
Rsyslog Rsyslog 8.3.2
Rsyslog Rsyslog 8.3.4
Rsyslog Rsyslog 8.1.4
Rsyslog Rsyslog 8.3.3
Rsyslog Rsyslog 8.3.0
Rsyslog Rsyslog 8.4.0
Rsyslog Rsyslog 8.1.5
Rsyslog Rsyslog
Rsyslog Rsyslog 8.1.0
Rsyslog Rsyslog 8.3.1
Rsyslog Rsyslog 8.1.3
Rsyslog Rsyslog 8.2.0
Sysklogd Project Sysklogd 1.4.1
Sysklogd Project Sysklogd 1.3
NA
CVE-2013-4758
Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog prior to 7.4.2 and prior to 7.5.2 devel, when errorfile is set to local logging, allows remote malicious users to cause a denial of service (crash) and possibly execu...
Rsyslog Rsyslog 6.5.1
Rsyslog Rsyslog 7.1.2
Rsyslog Rsyslog 7.3.13
Rsyslog Rsyslog 7.1.12
Rsyslog Rsyslog 7.2.5
Rsyslog Rsyslog 7.3.6
Rsyslog Rsyslog
Rsyslog Rsyslog 7.1.5
Rsyslog Rsyslog 6.6.0
Rsyslog Rsyslog 7.3.12
Rsyslog Rsyslog 7.2.6
Rsyslog Rsyslog 7.2.7
Rsyslog Rsyslog 7.1.6
Rsyslog Rsyslog 7.2.1
Rsyslog Rsyslog 7.1.8
Rsyslog Rsyslog 7.3.14
Rsyslog Rsyslog 7.3.1
Rsyslog Rsyslog 7.5.0
Rsyslog Rsyslog 6.4.2
Rsyslog Rsyslog 7.3.4
Rsyslog Rsyslog 7.3.3
Rsyslog Rsyslog 7.1.10
NA
CVE-2011-4623
Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x prior to 4.6.6, 5.x prior to 5.7.4, and 6.x prior to 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffe...
Rsyslog Rsyslog 4.5.6
Rsyslog Rsyslog 4.1.2
Rsyslog Rsyslog 4.5.1
Rsyslog Rsyslog 4.6.3
Rsyslog Rsyslog 4.5.2
Rsyslog Rsyslog 4.1.1
Rsyslog Rsyslog 4.4.2
Rsyslog Rsyslog 4.6.4
Rsyslog Rsyslog 4.5.4
Rsyslog Rsyslog 4.3.2
Rsyslog Rsyslog 4.1.3
Rsyslog Rsyslog 4.5.3
Rsyslog Rsyslog 4.6.1
Rsyslog Rsyslog 4.1.0
Rsyslog Rsyslog 4.5.8
Rsyslog Rsyslog 4.1.5
Rsyslog Rsyslog 4.3.0
Rsyslog Rsyslog 4.6.2
Rsyslog Rsyslog 4.5.5
Rsyslog Rsyslog 4.4.0
Rsyslog Rsyslog 4.6.0
Rsyslog Rsyslog 4.5.0
1 Github repository
NA
CVE-2011-3200
Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x prior to 4.6.8 and 5.2.0 up to and including 5.8.4 might allow remote malicious users to cause a denial of service (application exit) via a long TAG in a legacy syslog...
Rsyslog Rsyslog 4.6.6
Rsyslog Rsyslog 4.6.7
Rsyslog Rsyslog 4.6.3
Rsyslog Rsyslog 4.6.4
Rsyslog Rsyslog 4.6.1
Rsyslog Rsyslog 4.6.2
Rsyslog Rsyslog 4.6.0
Rsyslog Rsyslog 4.6.5
Rsyslog Rsyslog 5.5.6
Rsyslog Rsyslog 5.5.7
Rsyslog Rsyslog 5.4.2
Rsyslog Rsyslog 5.5.0
Rsyslog Rsyslog 5.5.4
Rsyslog Rsyslog 5.5.1
Rsyslog Rsyslog 5.6.1
Rsyslog Rsyslog 5.3.6
Rsyslog Rsyslog 5.8.3
Rsyslog Rsyslog 5.6.4
Rsyslog Rsyslog 5.7.5
Rsyslog Rsyslog 5.5.3
Rsyslog Rsyslog 5.8.0
Rsyslog Rsyslog 5.8.2
NA
CVE-2008-5617
The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender directive, which allows remote malicious users to bypass intended access restrictions and spoof log messages or create a large number of spurious messages.
Rsyslog Rsyslog 3.19.1
Rsyslog Rsyslog 3.12.2
Rsyslog Rsyslog 3.17.4
Rsyslog Rsyslog 3.13.0
Rsyslog Rsyslog 3.19.9
Rsyslog Rsyslog 3.12.4
Rsyslog Rsyslog 3.19.8
Rsyslog Rsyslog 4.1.1
Rsyslog Rsyslog 3.19.12
Rsyslog Rsyslog 3.19.11
Rsyslog Rsyslog 3.17.1
Rsyslog Rsyslog 3.19.6
Rsyslog Rsyslog 3.19.10
Rsyslog Rsyslog 3.17.0
Rsyslog Rsyslog 3.19.7
Rsyslog Rsyslog 3.12.3
Rsyslog Rsyslog 3.19.0
Rsyslog Rsyslog 4.1.0
Rsyslog Rsyslog 3.12.1
Rsyslog Rsyslog 3.15.1
Rsyslog Rsyslog 3.19.3
Rsyslog Rsyslog 3.12.5
NA
CVE-2008-5618
imudp in rsyslog 4.x prior to 4.1.2, 3.21 prior to 3.21.9 beta, and 3.20 prior to 3.20.2 generates a message even when it is sent by an unauthorized sender, which allows remote malicious users to cause a denial of service (disk consumption) via a large number of spurious messages...
Rsyslog Rsyslog 4.1.1
Rsyslog Rsyslog 4.1.0
Rsyslog Rsyslog 3.12.1
Rsyslog Rsyslog 3.20.0
NA
CVE-2005-3074
SQL injection vulnerability in rsyslogd in RSyslog prior to 1.0.1 and prior to 1.10.1 allows remote malicious users to execute arbitrary SQL commands via crafted syslog messages.
Rsyslog Rsyslogd 0.9.8 Stable
Rsyslog Rsyslogd 0.8.2 Stable
Rsyslog Rsyslogd
Rsyslog Rsyslogd 0.9.7 Stable
Rsyslog Rsyslogd 0.9.6 Stable
Rsyslog Rsyslogd 0.9.4 Stable
Rsyslog Rsyslogd 0.9.0 Stable
Rsyslog Rsyslogd 0.8.1 Stable
Rsyslog Rsyslogd 0.9.5 Stable
Rsyslog Rsyslogd 0.9.3 Stable
Rsyslog Rsyslogd 0.9.1 Stable
Rsyslog Rsyslogd 0.8.4 Stable
Rsyslog Rsyslogd 0.8.3 Stable
Rsyslog Rsyslogd 1.0.0 Stable
Rsyslog Rsyslogd 0.8.0 Stable
Rsyslog Rsyslogd 0.9.2 Stable
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2