Lucene search
K

238 matches found

RedhatCVE
RedhatCVE
added 2026/01/01 7:28 p.m.7 views

CVE-2025-66150

Missing Authorization vulnerability in merkulove Appender appender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appender: from n/a through = 1.1.1...

5.4CVSS5.9AI score0.00173EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.5 views

PT-2026-3646

Name of the Vulnerable Software and Affected Versions logback-core versions prior to 1.5.25 Description A configuration file processing issue exists in QOS.CH logback-core, potentially allowing an attacker to instantiate classes already present on the system's class path by manipulating a logback...

9.8CVSS5.4AI score0.00159EPSS
Exploits0References463
EUVD
EUVD
added 2025/12/31 9:30 p.m.3 views

EUVD-2025-206066

Missing Authorization vulnerability in merkulove Appender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appender: from n/a through 1.1.1...

5.4CVSS6.5AI score0.00173EPSS
Exploits0References2
NVD
NVD
added 2025/12/31 7:15 p.m.3 views

CVE-2025-66150

Missing Authorization vulnerability in merkulove Appender appender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appender: from n/a through = 1.1.1...

5.4CVSS0.00173EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/31 6:35 p.m.24 views

CVE-2025-66150 WordPress Appender plugin <= 1.1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in merkulove Appender appender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appender: from n/a through = 1.1.1...

5.4CVSS0.00173EPSS
Exploits0References1
CVE
CVE
added 2025/12/31 6:35 p.m.11 views

CVE-2025-66150

Technical details for CVE-2025-66150 (Appender WordPress plugin: Missing Authorization) are not publicly provided in the supplied documents. No vendor/version/impact information is disclosed here. Monitor for official advisories or updates from trusted sources.

5.4CVSS5.9AI score0.00173EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/31 6:35 p.m.2 views

CVE-2025-66150 WordPress Appender plugin <= 1.1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in merkulove Appender appender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appender: from n/a through = 1.1.1...

5.4CVSS5.1AI score0.00173EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/31 5:16 p.m.18 views

WordPress Appender plugin <= 1.1.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Appender versions = 1.1.1...

5.4CVSS6.8AI score0.00173EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.4 views

WordPress plugin Appender 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

5.4CVSS5.8AI score0.00173EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.3 views

PT-2025-54432

Name of the Vulnerable Software and Affected Versions merkulove Appender versions through 1.1.1 Description A missing authorization issue exists in merkulove Appender, allowing exploitation due to incorrectly configured access control security levels. Recommendations At the moment, there is no...

5.4CVSS6.3AI score0.00173EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/12/28 9:38 p.m.3 views

CVE-2025-68161

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.htmlSslConfiguration-attr-verifyHostName configuration attribut...

6.3CVSS6.8AI score0.00743EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2025/12/20 12:27 a.m.10 views

SUSE CVE-2025-68161

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.htmlSslConfiguration-attr-verifyHostName configuration attribut...

5.4CVSS6.8AI score0.00743EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2025/12/19 12:0 a.m.4 views

Apache Log4j 2.x < 2.25.3 Missing TLS Hostname Verification Vulnerability - Windows

Apache Log4j is prone to a missing TLS hostname verification vulnerability in the socket appender. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

6.3CVSS6.5AI score0.00743EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2025/12/19 12:0 a.m.9 views

Apache Log4j 2.x < 2.25.3 Missing TLS Hostname Verification Vulnerability - Linux

Apache Log4j is prone to a missing TLS hostname verification vulnerability in the socket appender. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

6.3CVSS6.5AI score0.00743EPSS
Exploits1References2
Snyk
Snyk
added 2025/12/18 9:45 p.m.3 views

Improper Validation of Certificate with Host Mismatch

Overview org.apache.logging.log4j:log4j-core is a logging library for Java. Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch due to the lack of TLS hostname verification in the SocketAppender component. An attacker can intercept or redirect...

6.3CVSS6.7AI score0.00743EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2025/12/18 9:31 p.m.11 views

Apache Log4j does not verify the TLS hostname in its Socket Appender

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName configuration attribute or the log4j2.sslVerifyHostName system property is set to true. This issue may allow a...

6.3CVSS6.8AI score0.00743EPSS
Exploits1References10Affected Software1
OSV
OSV
added 2025/12/18 9:31 p.m.7 views

GHSA-VC5P-V9HR-52MJ Apache Log4j does not verify the TLS hostname in its Socket Appender

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName configuration attribute or the log4j2.sslVerifyHostName system property is set to true. This issue may allow a...

6.3CVSS5.8AI score0.00743EPSS
Exploits1References10
NVD
NVD
added 2025/12/18 9:15 p.m.7 views

CVE-2025-68161

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.htmlSslConfiguration-attr-verifyHostName configuration attribut...

6.3CVSS0.00743EPSS
Exploits1References8
OSV
OSV
added 2025/12/18 9:15 p.m.5 views

DEBIAN-CVE-2025-68161

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.htmlSslConfiguration-attr-verifyHostName configuration attribut...

4.8CVSS6.1AI score0.00743EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2025/12/18 9:15 p.m.5 views

CVE-2025-68161

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.htmlSslConfiguration-attr-verifyHostName configuration attribut...

6.3CVSS6.7AI score0.00743EPSS
Exploits1References8
Rows per page
Query Builder