19 matches found
GHSA-4F7C-PMJV-C25W Apache Log4net: Silent log event loss in XmlLayout and XmlLayoutSchemaLog4J due to unescaped XML 1.0 forbidden characters
Apache Log4net's XmlLayout https://logging.apache.org/log4net/manual/configuration/layouts.htmllayout-list and XmlLayoutSchemaLog4J https://logging.apache.org/log4net/manual/configuration/layouts.htmllayout-list , in versions before 3.3.0, fail to sanitize characters forbidden by the XML 1.0...
EUVD-2022-3735
Malicious code in bioql PyPI...
SUSE CVE-2006-0743
Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service memory corruption and termination via unknown vectors...
K48127735: Apache log4net Vulnerability CVE-2018-1285
Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files. CVE-2018-1285 Impact There is no impact; F5 products are not affected...
Apache log4net format string vulnerability causes DoS
Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service memory corruption and termination via unknown vectors...
Oracle Application Testing Suite (Apr 2022 CPU)
The version of Oracle Application Testing Suite installed on the remote host is affected by a vulnerability as referenced in the April 2022 CPU advisory. - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps Apache log4ne...
Foxit PDF Reader < 11.2.1 Multiple Vulnerabilities
According to its version, the Foxit PDF Reader application previously named Foxit Reader installed on the remote Windows host is prior to 11.2.1. It is, therefore affected by multiple vulnerabilities: - Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204...
Foxit PDF Editor < 11.2.1 Multiple Vulnerabilities
According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 11.2.1. It is, therefore affected by multiple vulnerabilities: - Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and...
USN-4699-1: Apache Log4net vulnerability
It was discovered that Apache Log4net incorrectly handled certain configuration files. An attacker could possibly use this issue to expose sensitive information...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Apache Log4net vulnerability (USN-4699-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4699-1 advisory. It was discovered that Apache Log4net incorrectly handled certain configuration files. An attacker could possibly use this issue to expose...
DEBIAN-CVE-2018-1285
Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files...
CVE-2018-1285
Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files...
CVE-2018-1285
Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files...
CVE-2018-1285
Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files...
CVE-2018-1285
Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files...
PT-2020-5531 · Apache +2 · Log4Net +2
Name of the Vulnerable Software and Affected Versions: Apache log4net versions prior to 2.0.10 Description: The issue is related to errors in restricting XML links to external objects XXE in the log4net logging library on the .NET Framework platform. Exploitation of this issue may allow a remote...
CVE-2006-0743
Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service memory corruption and termination via unknown vectors...
Format string
Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service memory corruption and termination via unknown vectors...
CVE-2006-0743
Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service memory corruption and termination via unknown vectors...