Vulnerabilities > Rsyslog > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-07 | CVE-2019-17042 | Improper Input Validation vulnerability in multiple products An issue was discovered in Rsyslog v8.1908.0. | 9.8 |
| 2019-10-07 | CVE-2019-17041 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Rsyslog v8.1908.0. | 9.8 |
| 2019-09-30 | CVE-2019-17040 | Out-of-bounds Read vulnerability in Rsyslog 8.1908.0 contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled. | 9.8 |
| 2018-03-23 | CVE-2018-1000140 | Out-of-bounds Write vulnerability in multiple products rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. | 9.8 |
| 2017-08-06 | CVE-2017-12588 | Use of Externally-Controlled Format String vulnerability in Rsyslog The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact. | 9.8 |