Lucene search
K

88 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-49559

Malicious code in bioql PyPI...

7.8CVSS7.5AI score0.00316EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-3735

Malicious code in bioql PyPI...

5CVSS6.4AI score0.06225EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2018-1285

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in...

9.8CVSS7.1AI score0.49839EPSS
Exploits0References2
OSV
OSV
added 2025/08/16 12:5 a.m.2 views

MAL-2025-6887 Malicious code in log4net (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a2c71f77b101535649693701491e46504cc3c34a5d35b7fa696e435f25916f2a The OpenSSF Package Analysis project identified 'log4net' @ 4.0.1 npm as malicious. It is considered malicious because: - The package communicat...

7.3AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/16 12:5 a.m.4 views

Malicious code in log4net (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a2c71f77b101535649693701491e46504cc3c34a5d35b7fa696e435f25916f2a The OpenSSF Package Analysis project identified 'log4net' @ 4.0.1 npm as malicious. It is considered malicious because: - The package communicat...

7.1AI score
Exploits0
OSV
OSV
added 2024/06/15 12:0 a.m.18 views

OPENSUSE-SU-2024:12311-1 log4net-1.2.10-78.1 on GA media

These are all security issues fixed in the log4net-1.2.10-78.1 package on the GA media of openSUSE Tumbleweed...

9.8CVSS7.4AI score0.49839EPSS
Exploits0References1
OSV
OSV
added 2024/06/15 12:0 a.m.10 views

OPENSUSE-SU-2024:10072-1 log4net-1.2.10-75.6 on GA media

These are all security issues fixed in the log4net-1.2.10-75.6 package on the GA media of openSUSE Tumbleweed...

5CVSS9.5AI score0.06225EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/12/01 6:15 a.m.4 views

CVE-2023-45253

An issue was discovered in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, allows attackers to manipulate files and escalate privileges via RollingFileAppender.DeleteFile method performed by the log4net library...

7.8CVSS7.1AI score0.00316EPSS
Exploits2References2
NVD
NVD
added 2023/12/01 6:15 a.m.25 views

CVE-2023-45253

An issue was discovered in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, allows attackers to manipulate files and escalate privileges via RollingFileAppender.DeleteFile method performed by the log4net library...

7.8CVSS0.00257EPSS
Exploits2References1
Prion
Prion
added 2023/12/01 6:15 a.m.13 views

Design/Logic Flaw

An issue was discovered in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, allows attackers to manipulate files and escalate privileges via RollingFileAppender.DeleteFile method performed by the log4net library...

4.3CVSS7.4AI score0.00316EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/12/01 12:0 a.m.7 views

CVE-2023-45253

An issue was discovered in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, allows attackers to manipulate files and escalate privileges via RollingFileAppender.DeleteFile method performed by the log4net library...

7.2AI score0.00316EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/12/01 12:0 a.m.23 views

CVE-2023-45253

An issue was discovered in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, allows attackers to manipulate files and escalate privileges via RollingFileAppender.DeleteFile method performed by the log4net library...

8AI score0.00316EPSS
Exploits2References1
CVE
CVE
added 2023/12/01 12:0 a.m.35 views

CVE-2023-45253

CVE-2023-45253 affects Huddly HuddlyCameraService prior to version 8.0.7 (excluding 7.99). The Red Hat entries describe a related DLL Hijacking weakness in the same product line, with write-privilege directory installation enabling file manipulation and potential privilege escalation. For CVE-202...

7.8CVSS7.7AI score0.00316EPSS
Exploits2References1Affected Software1
Rosalinux
Rosalinux
added 2023/06/20 10:11 a.m.34 views

Advisory ROSA-SA-2023-2169

software: log4net 1.2.15 OS: ROSA-CHROME packageevrstring: log4net-1.2.15-6.src.rpm CVE-ID: CVE-2018-1285 BDU-ID: 2021-01050 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the logging library to the .NET Framework log4net platform is related to XML external object XXE link restriction errors...

9.8CVSS6.9AI score0.49839EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 6:16 a.m.6 views

SUSE CVE-2006-0743

Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service memory corruption and termination via unknown vectors...

5CVSS7AI score0.06225EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:34 a.m.1 views

SUSE CVE-2018-1285

Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files...

6.3CVSS9.4AI score0.49839EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2022/12/27 7:55 p.m.127 views

K48127735: Apache log4net Vulnerability CVE-2018-1285

Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files. CVE-2018-1285 Impact There is no impact; F5 products are not affected...

9.8CVSS7.2AI score0.49839EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/10/05 12:0 a.m.48 views

Dotnetnuke 6.0.x < 9.11.0 Multiple Vulnerabilities (09.11.00)

According to its self-reported version, the instance of Dotnetnuke running on the remote web server is 6.0.x prior to 9.11.0. It is, therefore, affected by multiple vulnerabilities. - A third-party dependency, Moment.js, published security updates to their library. Fixes for the Issue DNN Platfor...

6.3AI score
Exploits0
OSV
OSV
added 2022/05/01 6:42 a.m.21 views

GHSA-F9FR-W54Q-772H Apache log4net format string vulnerability causes DoS

Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service memory corruption and termination via unknown vectors...

5CVSS9.2AI score0.06225EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2022/05/01 6:42 a.m.25 views

Apache log4net format string vulnerability causes DoS

Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service memory corruption and termination via unknown vectors...

5CVSS7.3AI score0.06225EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder