
31 matches found

Circl
added 2025/07/08 3:0 a.m. | 6 views

CVE-2020-9488

creationtimestamp | type | source
---|---|---
2025-07-08 03:00:06+00:00 | published-proof-of-concept | Telegram/WYTR8OwkLU97UkoTqrFsYkLne3ILyF25xS57SENdXgZRo...

4.3 CVSS | 6.3 AI score | 0.08096 EPSS
Exploits 0
Tenable Nessus
added 2024/07/16 12:0 a.m. | 29 views

RHEL 7 : nutch (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - log4j: improper validation of certificate with host mismatch in SMTP appender CVE-2020-9488 Note that Nessus has no...

3.7 CVSS | 6.9 AI score | 0.08096 EPSS
Exploits 0 | References 1
Tenable Nessus
added 2024/06/03 12:0 a.m. | 31 views

RHEL 8 : nutch (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - log4j: improper validation of certificate with host mismatch in SMTP appender CVE-2020-9488 Note that Nessus has no...

3.7 CVSS | 6.9 AI score | 0.08096 EPSS
Exploits 0 | References 1
Tenable Nessus
added 2024/05/11 12:0 a.m. | 31 views

RHEL 5 : log4j (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - log4j: Socket receiver deserialization vulnerability CVE-2017-5645 - Improper validation of certificate...

7.2 AI score | 0.8904 EPSS
Exploits 2 | References 2
IBM Security Bulletins
added 2023/04/26 3:33 p.m. | 78 views

Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs

Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps version 3.7.1 Vulnerability Details CVEID:CVE-2023-0767 DESCRIPTION: Mozilla Network Security Services NSS, as used in Mozilla Firefox, could allow a remote attacker to execute arbitrary code on the system, caused by an...

9.8 CVSS | 10 AI score | 0.8377 EPSS
Exploits 22 | Affected Software 1
SUSE CVE
added 2023/02/15 4:0 a.m. | 4 views

SUSE CVE-2020-9488

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1...

3.7 CVSS | 8.5 AI score | 0.08096 EPSS
Exploits 0 | References 3
IBM Security Bulletins
added 2022/08/03 4:43 p.m. | 161 views

Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities including remote code execution in Apache Log4j 1.x

Summary IBM Data Risk Manager IDRM 2.0.6.13, which is the only supported version, is impacted by multiple vulnerabilities including Apache Log4j 1.x CVE-2019-17571, CVE-2022-23305, CVE-2022-23307, CVE-2022-23302, CVE-2021-4104, CVE-2020-9488, CVE-2020-9493 which was bundled within hadoop-client...

9.8 CVSS | 10 AI score | 0.81147 EPSS
Exploits 34 | Affected Software 1
IBM Security Bulletins
added 2022/07/20 3:54 p.m. | 72 views

Security Bulletin: Multiple security vulnerabilities found in open source code that is shipped with IBM Security Verify Governance, Identity Manager virtual appliance component

Summary IBM has found several open source vulnerabilities in the IBM Security Verify Governance, Identity Manager virtual appliance product, including Apache Log4j, which is used by IBM Security Verify Governance, Identity Manager virtual appliance component as part of its logging infrastructure...

10 CVSS | 10 AI score | 0.99999 EPSS
Exploits 358 | Affected Software 1
IBM Security Bulletins
added 2022/06/22 10:12 p.m. | 57 views

Security Bulletin: IBM Spectrum LSF Suite and IBM Platform Process Manager are vulnerable to arbitrary code execution and denial of service due to Apache Log4j (CVE-2021-4104, CVE-2020-9488, CVE-2022-23302, CVE-2022-23307, CVE-2022-23305)

Summary Apache Log4j is used by IBM Spectrum LSF Suite and IBM Platform Process Manager as part of its logging infrastructure. These vulnerabilities can be addressed by executing steps detailed in the Workaround section. These issues will be addressed in the next fix patch release 10.2.0.13 by en...

9.8 CVSS | 1.4 AI score | 0.81147 EPSS
Exploits 13 | Affected Software 2
IBM Security Bulletins
added 2022/03/03 8:50 p.m. | 110 views

IBM Sterling B2B Integrator and Sterling Filegateway NOT Affected by CVE-2021-4104, CVE-2021-44832, CVE-2019-17571, CVE-2022-23307, CVE-2022-23305, CVE-2022-23302 and CVE-2020-9488 Exploit

Abstract IBM Sterling B2B Integrator and Sterling Filegateway NOT Affected by CVE-2021-4104, CVE-2021-44832, CVE-2019-17571, CVE-2022-23307, CVE-2022-23305, CVE-2022-23302 and CVE-2020-9488 Exploit. Security Bulletin Content Summary IBM Sterling B2B Integrator and Sterling Filegateway Products ar...

9.8 CVSS | 0.7 AI score | 0.81147 EPSS
Exploits 13
IBM Security Bulletins
added 2022/02/01 11:37 a.m. | 46 views

Security Bulletin: Vulnerabilities in IBM WebSphere Application Server Liberty, IBM Java Runtime, Log4j, and Apache Commons affect IBM Spectrum Protect Snapshot for VMware

Summary Vulnerabilities in IBM WebSphere Application Server Liberty, IBM Runtime Environment Java, Log4j, and Apache Commons affect IBM Spectrum Protect Snapshot for VMware. The IBM Runtime Environment Java vulnerabilities were disclosed as part of the IBM Java SDK updates in April and July 2020...

9.8 CVSS | 8.9 AI score | 0.6906 EPSS
Exploits 3 | Affected Software 1
Tenable Nessus
added 2022/01/19 12:0 a.m. | 949 views

Apache Log4j 1.x Multiple Vulnerabilities

According to its self-reported version number, the installation of Apache Log4j on the remote host is 1.x and is no longer supported. Log4j reached its end of life prior to 2016. Additionally, Log4j 1.x is affected by multiple vulnerabilities, including : - Log4j includes a SocketServer that...

9.8 CVSS | 6.6 AI score | 0.6906 EPSS
Exploits 4 | References 7
OpenVAS
added 2021/12/27 12:0 a.m. | 30 views

Debian: Security Advisory (DLA-2852-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9 CVSS | 8.1 AI score | 0.99999 EPSS
Exploits 20 | References 4
OpenVAS
added 2021/12/22 12:0 a.m. | 36 views

Apache Log4j 2.x < 2.13.2 Information Disclosure Vulnerability - Windows

Apache Log4j is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:log4j";...

4.3 CVSS | 6.7 AI score | 0.08096 EPSS
Exploits 0 | References 2
Debian
added 2021/12/11 7:23 p.m. | 119 views

[SECURITY] [DSA 5020-1] apache-log4j2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5020-1 [email protected] https://www.debian.org/security/ Markus Koschany December 11, 2021 https://www.debian.org/security/faq -...

10 CVSS | 9.3 AI score | 0.99999 EPSS
Exploits 349
IBM Security Bulletins
added 2021/11/25 5:45 p.m. | 36 views

Security Bulletin: Vulnerability in Apache Log4j may affect Cúram Social Program Management (CVE-2020-9488)

Summary IBM Cúram Social Program Management uses the Apache Log4j libraries, for which there is a publicly known vulnerability. For this vulnerability, Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender...

4.3 CVSS | 6.3 AI score | 0.08096 EPSS
Exploits 0 | Affected Software 1
IBM Security Bulletins
added 2021/10/06 2:56 p.m. | 155 views

Security Bulletin: Apache Log4j Vulnerabilities Affect IBM Sterling B2B Integrator

Summary IBM Sterling B2B Integrator has integrated multiple security vulnerability fixes from Apache Log4j, please see list of CVEs for vulnerability details Vulnerability Details CVEID: CVE-2017-5645 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system,...

9.8 CVSS | 10.9 AI score | 0.8904 EPSS
Exploits 50 | Affected Software 1
IBM Security Bulletins
added 2021/10/06 12:30 p.m. | 52 views

Security Bulletin: IBM Security Guardium Insights is affected by components with known vulnerabilities (CVE-2018-10237, CVE-2020-9488)

Summary IBM Security Guardium Insights has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2018-10237 DESCRIPTION: Google Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the AtomicDoubleArray and CompoundOrdering class. By sendin...

5.9 CVSS | 1.1 AI score | 0.08096 EPSS
Exploits 0 | Affected Software 1
IBM Security Bulletins
added 2021/07/30 5:3 a.m. | 113 views

Security Bulletin: Apache Log4j Vulnerability Affects IBM Control Center (CVE-2020-9488)

Summary Apache Log4j is vulnerable to a man-in-the-middle attack Vulnerability Details CVEID: CVE-2020-9488 DESCRIPTION: Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this...

4.3 CVSS | 1.7 AI score | 0.08096 EPSS
Exploits 0 | Affected Software 1
RedHat Linux
added 2021/02/17 1:40 p.m. | 125 views

Important: Red Hat Security Advisory: Red Hat Decision Manager 7.10.0 security update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...

7.4 CVSS | 6.6 AI score | 0.08665 EPSS
Exploits 1 | References 5