Vulnerabilities > Rsyslog > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-11-02 | CVE-2014-3683 | Numeric Errors vulnerability in multiple products Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. | 5.0 |
| 2013-10-04 | CVE-2013-4758 | Resource Management Errors vulnerability in Rsyslog Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JSON response. | 6.8 |
| 2008-12-17 | CVE-2008-5618 | Denial-Of-Service vulnerability in RSyslog imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20 before 3.20.2 generates a message even when it is sent by an unauthorized sender, which allows remote attackers to cause a denial of service (disk consumption) via a large number of spurious messages. | 5.0 |