Lucene search
K

101 matches found

OpenVAS
OpenVAS
added 2021/12/18 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2021:14866-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.5AI score0.81147EPSS
Exploits9References4
OpenVAS
OpenVAS
added 2021/12/18 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2021:4115-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.5AI score0.81147EPSS
Exploits9References4
Tenable Nessus
Tenable Nessus
added 2021/12/18 12:0 a.m.73 views

openSUSE 15 Security Update : log4j (openSUSE-SU-2021:4111-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:4111-1 advisory. - JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The...

7.5CVSS8.4AI score0.81147EPSS
Exploits9References4
Tenable Nessus
Tenable Nessus
added 2021/12/18 12:0 a.m.95 views

SUSE SLED15 / SLES15 Security Update : log4j12 (SUSE-SU-2021:4112-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:4112-1 advisory. - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. bsc1193662 Tenable has extracted the...

7.5CVSS7.2AI score0.81147EPSS
Exploits9References4
OSV
OSV
added 2021/12/17 8:42 p.m.56 views

GHSA-3W6P-8F82-GW8R Using JMSAppender in log4j configuration may lead to deserialization of untrusted data

Impact ClickHouse JDBC Bridge uses slf4j-log4j12 1.7.32, which depends on log4j 1.2.17. It allows a remote attacker to execute code on the server, if you changed default log4j configuration by adding JMSAppender and an insecure JMS broker. Patches The patch version 2.0.7 removed log4j dependency ...

8.1CVSS9.3AI score0.81147EPSS
Exploits9References4
Github Security Blog
Github Security Blog
added 2021/12/17 8:42 p.m.110 views

Using JMSAppender in log4j configuration may lead to deserialization of untrusted data

Impact ClickHouse JDBC Bridge uses slf4j-log4j12 1.7.32, which depends on log4j 1.2.17. It allows a remote attacker to execute code on the server, if you changed default log4j configuration by adding JMSAppender and an insecure JMS broker. Patches The patch version 2.0.7 removed log4j dependency ...

7.5CVSS1.4AI score0.81147EPSS
Exploits9References4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/17 5:50 p.m.42 views

Security Bulletin: Log4Shell Vulnerability affects IBM SPSS Statistics (CVE-2021-4104)

Summary There is a vulnerability in the version of Log4j that is part of IBM SPSS Statistics. IBM SPSS Statistics has addressed this vulnerability. Vulnerability Details CVEID: CVE-2021-4104 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by...

7.5CVSS2.3AI score0.81147EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/17 4:35 p.m.34 views

Security Bulletin: Vulnerability exists in Watson Explorer (CVE-2021-4104)

Summary Log4j is used by IBM Watson Explorer to log system events for diagnostics. This bulletin provides a remediation for the vulnerability, CVE-2021-4104 by upgrading Watson Explorer and thus addressing the exposure to the log4j vulnerability. Vulnerability Details CVEID: CVE-2021-4104...

7.5CVSS0.9AI score0.81147EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/17 2:1 p.m.31 views

Security Bulletin: IBM Kenexa LMS On Premise -Log4j - CVE-2021-4104 (Publicly disclosed vulnerability)

Summary We have identified that the IBM Kenexa LMS On Premise is affected by one or more security vulnerabilities. These have been tested in LMS 6.1.0 version. Vulnerability Details CVEID: CVE-2021-4104 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the syste...

7.5CVSS1.7AI score0.81147EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/17 1:12 p.m.42 views

Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-4104) affects InfoSphere Data Replication

Summary There is a vulnerability in the version of Log4j that was included in InfoSphere Data Replication. Vulnerability Details CVEID: CVE-2021-4104 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data wh...

7.5CVSS1AI score0.81147EPSS
Exploits9Affected Software1
OSV
OSV
added 2021/12/17 12:38 p.m.10 views

SUSE-SU-2021:4115-1 Security update for log4j

This update for log4j fixes the following issue: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. bsc1193662...

7.5CVSS8.9AI score0.81147EPSS
Exploits9References3
OSV
OSV
added 2021/12/17 11:19 a.m.14 views

OPENSUSE-SU-2021:4112-1 Security update for log4j12

This update for log4j12 fixes the following issues: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. bsc1193662...

7.5CVSS7.9AI score0.81147EPSS
Exploits9References3
OSV
OSV
added 2021/12/17 11:19 a.m.3 views

SUSE-SU-2021:4112-1 Security update for log4j12

This update for log4j12 fixes the following issues: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. bsc1193662...

7.5CVSS8.9AI score0.81147EPSS
Exploits9References3
OSV
OSV
added 2021/12/17 11:19 a.m.5 views

SUSE-SU-2021:4111-1 Security update for log4j

This update for log4j fixes the following issue: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. bsc1193662...

7.5CVSS8.9AI score0.81147EPSS
Exploits9References3
OSV
OSV
added 2021/12/17 11:18 a.m.5 views

OPENSUSE-SU-2021:4111-1 Security update for log4j

This update for log4j fixes the following issue: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. bsc1193662...

7.5CVSS7.9AI score0.81147EPSS
Exploits9References3
OSV
OSV
added 2021/12/17 10:36 a.m.21 views

SUSE-SU-2021:14866-1 Security update for log4j

This update for log4j fixes the following issues: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. bsc1193662...

7.5CVSS8.9AI score0.81147EPSS
Exploits9References3
OPENSUSE Linux
OPENSUSE Linux
added 2021/12/17 12:0 a.m.54 views

Security update for log4j12 (important)

openSUSE Security Update: Security update for log4j12 Announcement ID: openSUSE-SU-2021:4112-1 Rating: important References: 1193662 Cross-References: CVE-2021-4104 CVSS scores: CVE-2021-4104 SUSE: 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3 An update th...

6.4CVSS8.3AI score0.81147EPSS
Exploits9References1
OpenVAS
OpenVAS
added 2021/12/17 12:0 a.m.36 views

Apache Log4j 1.2.x RCE Vulnerability (Windows, Dec 2021) - Version Check

Apache Log4j is prone to a remote code execution RCE vulnerability in JMSAppender. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/16 11:54 a.m.38 views

Security Bulletin: Apache Log4j Affects IBM Sterling Connect:Direct File Agent (CVE-2021-4104)

Summary There is a vulnerability in Apache Log4j used by IBM Sterling Connect:Direct File Agent. IBM Sterling Connect:Direct File Agent has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-4104 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on...

7.5CVSS1.8AI score0.81147EPSS
Exploits9Affected Software1
OpenVAS
OpenVAS
added 2021/12/16 12:0 a.m.30 views

Apache Log4j 1.2.x RCE Vulnerability (Linux/Unix, Dec 2021) - Version Check

Apache Log4j is prone to a remote code execution RCE vulnerability in JMSAppender. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9AI score
Exploits0References1
Rows per page
Query Builder