Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added three flaws to the Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The security vulnerabilities are as follows - CVE-2023-1389 CVSS score: 8.8 - TP-Link Archer AX-21 Command Injection...

PT-2021-5169

Name of the Vulnerable Software and Affected Versions Apache Log4j2 versions 2.0-beta9 through 2.15.0 Apache Log4j2 version 2.16.0 and later are not affected, as the vulnerable functionality has been completely removed. Description The vulnerability in Apache Log4j2 is related to the JNDI feature...