Browse all 4 CVE security advisories affecting rsyslog. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Rsyslog serves as a standardized system logging utility for Linux and Unix systems, centralizing log collection and management across enterprise environments. Historically, it has been susceptible to remote code execution vulnerabilities through crafted log messages, privilege escalation flaws in configuration handling, and cross-site scripting issues in web interface components. The project maintains a moderate security posture with four active CVEs, primarily related to input validation and boundary condition errors. While no major security incidents have been widely documented, its critical infrastructure role makes it a persistent target for attackers seeking to cover tracks or disrupt monitoring capabilities. Regular updates and strict input sanitization remain essential for secure deployment.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-24903 | Buffer overflow in TCP syslog server (receiver) components in rsyslog — rsyslogCWE-120 | 8.1 | High | 2022-05-05 |
| CVE-2011-1490 | Adiscon Rsyslog 安全漏洞 — rsyslog | 5.5 | - | 2019-11-14 |
| CVE-2011-1489 | Adiscon Rsyslog 安全漏洞 — rsyslog | 5.5 | - | 2019-11-14 |
| CVE-2011-1488 | Adiscon Rsyslog 安全漏洞 — rsyslog | 5.5 | - | 2019-11-14 |
This page lists every published CVE security advisory associated with rsyslog. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.