Lucene search
K

25 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 4:46 p.m.8 views

Security Bulletin: IBM® Db2® federated server is affected by a vulnerability in log4j-core-2.17.2 (CVE-2025-68161)

Summary IBM® Db2® federated server is affected by a vulnerability in log4j-core-2.17.2 CVE-2025-68161 Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer...

6.3CVSS6.3AI score0.00743EPSS
Exploits1Affected Software1
OSV
OSV
added 2026/06/21 8:3 a.m.6 views

ROOT-APP-MAVEN-CVE-2025-68161 CVE-2025-68161 in io.root.org.apache.logging.log4j:log4j-core - Patched by Root

Root has patched CVE-2025-68161 in the io.root.org.apache.logging.log4j:log4j-core package for Root:Maven. Multiple fixed versions available...

4.8CVSS5.8AI score0.00743EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/29 12:15 p.m.22 views

Security Bulletin: Multiple Vulnerabilities in Apache Log4j Core shipped in Tivoli Netcool/OMNIbus

Summary The Netcool/Omnibus 'Administrator GUI' and 'Accelerated Event Notification GUI' desktop components use a version of Apache Log4j that contains known vulnerabilities. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in...

7.5CVSS6.5AI score0.0086EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/05 4:22 p.m.8 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM DB2 shipped with IBM WebSphere Remote Server

Summary IBM DB2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin CVE-2025-36122, CVE-2025-14688, CVE-2025-67735, CVE-2025-68161, CVE-2026-1352, CVE-2025-12183, CVE-2026-1577, CVE-2026-3676...

8.8CVSS6.6AI score0.00743EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/29 7:49 p.m.6 views

Security Bulletin: IBM SPSS Analytic Server is affected by a TLS hostname verification vulnerability in Apache Log4j Core (CVE-2025-68161)

Summary IBM SPSS Analytic Server is affected by a TLS hostname verification vulnerability in Apache Log4j Core CVE-2025-68161. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9...

6.3CVSS6AI score0.00743EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/15 6:50 p.m.4 views

Security Bulletin: due to the use of Apache Log4j, IBM Transformation Extender Advanced is vulnerable to Host Mismatch

Summary Apache Log4j is used by IBM Transformation Extender Advanced also known as IBM Standards Processing Engine as part of common utility helpers. Apache Log4j has been updated to address CVE-2025-68161 which causes hostname mismatch. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The...

6.3CVSS6AI score0.00743EPSS
Exploits1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.4 views

PT-2026-31939

Name of the Vulnerable Software and Affected Versions Apache Log4j Core versions 2.12.0 through 2.25.3 Description A flaw exists where hostname verification is ignored when configured through the verifyHostName attribute of the '' element. This occurs even if the attribute is explicitly set,...

6.3CVSS5.1AI score0.00395EPSS
Exploits0References19
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/27 4:33 p.m.10 views

Security Bulletin: Multiple vulnerabilities in IBM Event Endpoint Management.

Summary Multiple vulnerabilities were addressed in IBM Event Endpoint Management 11.7.3 Vulnerability Details CVEID:CVE-2025-68470 DESCRIPTION: React Router is a router for React. In versions 6.0.0 through 6.30.1 and 7.0.0 through 7.9.5, an attacker-supplied path can be crafted so that when a Rea...

9.2CVSS6.1AI score0.00743EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/26 11:35 a.m.10 views

Security Bulletin: Multiple Vulnerabilities affects IBM License Metric Tool v9

Summary Multiple vulnerabilities have been remediated in components used by IBM License Metric Tool Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate...

7.5CVSS6.8AI score0.02591EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 6:54 p.m.9 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Log4j (CVE-2025-68161)

Summary A vulnerability in Apache Log4j that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificat...

6.3CVSS5.8AI score0.00743EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/20 10:54 a.m.13 views

Security Bulletin: IBM App Connect for Manufacturing is vulnerable to Improper Validation of Certificate with Host Mismatch due to Apache Log4j Core (CVE-2025-68161)

Summary IBM App Connect for Manufacturing is vulnerable to Improper Validation of Certificate with Host Mismatch due to Apache Log4j Core Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostnam...

6.3CVSS6.5AI score0.00743EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/09 3:28 p.m.6 views

Security Bulletin: IBM Maximo Asset Configuration Manager uses log4j-core-2.17.1 which is vulnerable to CVE-2025-68161

Summary IBM Maximo Asset Configuration Manager uses log4j-core-2.17.1 which is vulnerable to CVE-2025-68161. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions...

6.3CVSS6.3AI score0.00743EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
added 2026/03/02 12:5 a.m.19 views

K000160192: Log4j vulnerability CVE-2025-68161

Security Advisory Description The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https: //logging. apache. org/log4j/2.x/manual/appenders/network...

6.3CVSS6.4AI score0.00743EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/16 5:39 a.m.15 views

Security Bulletin: Due to use of Apache Log4j, IBM Sterling Connect:Direct Web Services is affected by TLS hostname verification issue.

Summary Apache Log4j is used by IBM Sterling Connect:Direct Web Services CVE-2025-68161. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when...

6.3CVSS5.5AI score0.00743EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/03 6:14 a.m.9 views

Security Bulletin: Vulnerablity in Apache Log4j may affect IBM APM Internet Service Monitoring Agent

Summary There is a vulnerability in the Apache log4j library used by IBM APM Internet Service Monitoring Agent. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer...

6.3CVSS5.5AI score0.00743EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/24 12:0 a.m.5 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : log4j (SUSE-SU-2026:0254-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0254-1 advisory. Security fixes: - CVE-2025-68161: Fixed absent TLS hostname verification that may allow a man-in-the-midd...

6.3CVSS7.2AI score0.00743EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.4 views

Oracle Primavera Gateway (January 2026 CPU)

The versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: Admin Apache Log4j. Supported versions that ar...

7.5CVSS6.9AI score0.00743EPSS
Exploits1References4
OSV
OSV
added 2026/01/22 4:8 p.m.3 views

SUSE-SU-2026:0254-1 Security update for log4j

This update for log4j fixes the following issues: Security fixes: - CVE-2025-68161: Fixed absent TLS hostname verification that may allow a man-in-the-middle attack bsc1255427 Other fixes: - Upgrade to 2.18.0 Added + Add support for Jakarta Mail API in the SMTP appender. + Add support for custom...

6.3CVSS5.7AI score0.00743EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.7 views

Oracle GoldenGate for Big Data MiTM Vulnerability 19.x < 19.1.0.0.22 (January 2026 CPU)

According to its self-reported version number, the Oracle GoldenGate for Big Data application located on the remote host is affected by multiple vulnerabilities: - The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer...

6.3CVSS6.4AI score0.00743EPSS
Exploits1References2
Debian
Debian
added 2026/01/19 10:50 p.m.11 views

[SECURITY] [DLA 4444-1] apache-log4j2 security update

Debian LTS Advisory DLA-4444-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 19, 2026 https://wiki.debian.org/LTS Package : apache-log4j2 Version : 2.17.1-1deb11u2 CVE ID : CVE-2025-68161 Debian Bug : 1123744 In Apache Log4j2, a Java Logging Framework, t...

6.3CVSS6.5AI score0.00743EPSS
Exploits1
Rows per page
Query Builder