Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-3634 | 2 Rsyslog, Sysklogd Project | 2 Rsyslog, Sysklogd | 2016-10-17 | 7.5 HIGH | N/A |
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access. | |||||
CVE-2014-3683 | 2 Rsyslog, Sysklogd Project | 2 Rsyslog, Sysklogd | 2016-10-17 | 5.0 MEDIUM | N/A |
Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634. |