ROOT-APP-MAVEN-CVE-2022-23302 CVE-2022-23302 in io.root.log4j:log4j - Patched by Root

Root has patched CVE-2022-23302 in the io.root.log4j:log4j package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2019-17571 CVE-2019-17571 in io.root.log4j:log4j - Patched by Root

Root has patched CVE-2019-17571 in the io.root.log4j:log4j package for Root:Maven. Multiple fixed versions available...

Log4j: One Year Later

One year ago, the Log4j remote code execution vulnerability known as Log4Shell CVE-2021-44228 was announced. The critical severity level vulnerability in a logging framework used across virtually all Java environments quickly set the internet on fire when it was released and exploited. It’s...

Unknown APT group has targeted Russia repeatedly since Ukraine invasion

An unknown Advanced Persistent Threat APT group has targeted Russian government entities with at least four separate spear phishing campaigns since late February, 2022. The campaigns, discovered by the Malwarebytes Threat Intelligence team, are designed to implant a Remote Access Trojan RAT that...

Hotdog 安全漏洞

Hotdog is a set of OCI hooks for injecting Log4j Hot Patch into containers. An elevation of privilege vulnerability exists prior to Hotdog version 1.0.1 that stems from not mimicking the functionality of the target JVM process or SELinux tags. An attacker could use this vulnerability to allow...

Hotdog 安全漏洞

Hotdog is a set of OCI hooks for injecting Log4j Hot Patch into containers. A resource management error vulnerability exists in Hotdog versions prior to v1.0.2, which arises from an application that does not effectively perform resource limiting, device limiting, or syscall filters on the target...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

vuln4japi A vulnerable Java based REST API for demonstrating C...