Lucene search
+L

262 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.15 views

EUVD-2021-33999

Malicious code in bioql PyPI...

10CVSS8.2AI score0.99999EPSS
Exploits357References10
Tenable Nessus
Tenable Nessus
added 2023/10/26 12:0 a.m.82 views

GLSA-202310-16 : Ubiquiti UniFi: remote code execution via bundled log4j

The remote host is affected by the vulnerability described in GLSA-202310-16 Ubiquiti UniFi: remote code execution via bundled log4j - JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provid...

10CVSS8.4AI score0.99999EPSS
Exploits358References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/21 9:28 p.m.58 views

Security Bulletin: IBM Decision Optimization for Cloud Pak for Data is vulnerable to denial of service due to Apache Log4j (CVE-2021-45105) and arbitrary code execution due to Apache Log4j (CVE-2021-45046)

Summary There are multiple Apache Log4j vulnerabilities CVE-2021-45105, CVE-2021-45046 impacting IBM Decision Optimization for Cloud Pak for Data which uses Apache Log4j for logging. The fix includes Apache Log4j 2.17. Vulnerability Details CVEID:CVE-2021-45105 DESCRIPTION: Apache Log4j is...

10CVSS9.9AI score0.99999EPSS
Exploits359Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/21 9:21 p.m.38 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105, CVE-2021-45046)

Summary There are multiple Apache Log4j vulnerabilities CVE-2021-45105, CVE-2021-45046 impacting IBM Cloud Pak for Data which uses Apache Log4j for logging. The fix includes Apache Log4j 2.17. Vulnerability Details CVEID:CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial of servic...

10CVSS9.9AI score0.99999EPSS
Exploits359Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/22 11:45 a.m.198 views

Security Bulletin: IBM Cloud Pak System is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-45046, CVE-2021-44228)

Summary Apache Log4j is used for logging in multiple components of the IBM Cloud Pak System CPS appliance: Logstash, VMware vCenter, IBM Hardware Management Console and product pattern type pType. Arbitrary code execution vulnerabilities have been identified in Apache Log4j. Vulnerability Details...

10CVSS10AI score0.99999EPSS
Exploits358Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/08 8:27 p.m.52 views

Security Bulletin: Apache Log4j is vulnerable to CVE-2021-45105 and CVE-2021-45046 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Apache Log4j which is vulnerable to CVE-2021-45105 and CVE-2021-45046. Vulnerability Details CVEID:CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial of service, caused by the failure to protect from uncontrolled...

10CVSS9.5AI score0.99999EPSS
Exploits359Affected Software1
The Hacker News
The Hacker News
added 2023/05/02 5:35 a.m.174 views

Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added three flaws to the Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The security vulnerabilities are as follows - CVE-2023-1389 CVSS score: 8.8 - TP-Link Archer AX-21 Command Injection...

10CVSS10.1AI score0.99999EPSS
Exploits374
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/27 8:37 p.m.116 views

Security Bulletin: Vulnerability in Apache Log4j affects Operations Dashboard ( CVE-2021-45046)

Summary The Operations Dashboard has addressed the following CVE-2021-45046 vulnerability. Vulnerability Details CVEID:CVE-2021-45046 DESCRIPTION: Apache Log4j could result in remote code execution, caused by an incomplete fix of CVE-2021-44228 in certain non-default configurations. When the...

10CVSS9.7AI score0.99999EPSS
Exploits357Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/27 8:37 p.m.99 views

Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to Apache Log4j CVE-2021-45046

Summary Automation Assets in IBM Cloud Pak for integration is vulnerable to CVE-2021-45046 with details below. Vulnerability Details CVEID:CVE-2021-45046 DESCRIPTION: Apache Log4j could result in remote code execution, caused by an incomplete fix of CVE-2021-44228 in certain non-default...

10CVSS9.7AI score0.99999EPSS
Exploits357Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 8:0 p.m.160 views

K34002344: Overview of Log4j vulnerabilities (2021 and 2022)

Security Advisory Description This document is intended to serve as an overview of the 2021 and 2022 Log4j vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated security advisory. High CVEs Medium CVEs Not Vulnerable CVEs High CV...

10CVSS9.6AI score0.99999EPSS
Exploits363
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/30 5:31 p.m.97 views

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring Installed WebSphere Application Server including Log4j

Summary The following security issues has been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. Vulnerability Details CVEID:CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial of service, caused by the failure to protect fr...

10CVSS10AI score0.99999EPSS
Exploits362Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/30 3:9 p.m.60 views

Security Bulletin: Vulnerabilities in Apache Log4j impact IBM Cloud Application Business Insights (CVE-2021-45105, CVE-2021-45046)

Summary IBM Cloud Application Business Insights ICABI is vulnerable to denial of service due to Apache Log4j CVE-2021-45105 and arbitrary code execution due to Apache Log4j CVE-2021-45046 Vulnerability Details CVEID:CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial of service,...

10CVSS10AI score0.99999EPSS
Exploits359Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/12/09 12:0 a.m.63 views

Amazon Linux 2022 : log4j (ALAS2022-2022-225)

The version of log4j installed on the remote host is prior to 2.17.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-225 advisory. - Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in...

10CVSS8.7AI score0.99999EPSS
Exploits361References9
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/19 2:6 p.m.47 views

Security Bulletin: Apache log4j security vulnerability as it relates to IBM Maximo Scheduler Optimization - Apache Log4j - [CVE-2021-45105] (affecting v2.16) and [CVE-2021-45046] (affecting v2.15)

Summary For the 8.0.0 version of MSO, which is distributed as part of the MAS catalog here are the instructions to move to the 8.0.3 version to get log4j 2.17.1 Apache Log4j - CVE-2021-45105 affecting v2.16 and CVE-2021-45046 affecting v2.15 Vulnerability Details CVEID:CVE-2021-45105 DESCRIPTION:...

10CVSS9.6AI score0.99999EPSS
Exploits359Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/14 10:12 p.m.180 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105, CVE-2021-45046)

Summary There are multiple Apache Log4j CVE-2021-45105, CVE-2021-45046 vulnerabilities impacting IBM InfoSphere Information Server which uses Apache Log4j for logging. The fix upgrades Apache Log4j to version 2.17.0. Vulnerability Details CVEID:CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerab...

10CVSS9.8AI score0.99999EPSS
Exploits359Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/12 4:45 a.m.45 views

Security Bulletin: Hortonworks DataFlow product has log messages vulnerable to arbitrary code execution, denial of service, and remote code execution due to Apache Log4j vulnerabilities [CVE-2021-44228], [CVE-2021-45105], and [CVE-2021-45046]

Summary Hortonworks DataFlow product for IBM has log messages vulnerable to arbitrary code execution, denial of service, and remote code execution due to Apache Log4j vulnerabilities CVE-2021-44228, CVE-2021-45105, and CVE-2021-45046. Vulnerability Details CVEID:CVE-2021-44228 DESCRIPTION: Apache...

10CVSS10AI score0.99999EPSS
Exploits359Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/14 3:28 p.m.79 views

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Digital Business Automation Workflow family products (CVE-2021-4104, CVE-2021-45046)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow, IBM Business Process Manager, and WebSphere Enterprise Service Bus. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a securi...

9.2AI score0.99977EPSS
Exploits42Affected Software8
OpenVAS
OpenVAS
added 2022/09/08 12:0 a.m.32 views

Apache Archiva < 2.2.6 Multiple Log4j Vulnerabilities (Log4Shell) - Active Check

Apache Archiva is prone to multiple vulnerabilities in the Apache Log4j library. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS6.9AI score0.99999EPSS
Exploits357References10
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/12 5:43 p.m.45 views

Security Bulletin: IBM Security Identity Manager Virtual Appliance is vulnerable to arbitrary code execution due to Apache Log4j and other issues (CVE-2021-4104, CVE-2021-45046, CVE-2021-38951)

Summary IBM Security Identity Manager Virtual Appliance ISIM VA is vulnerable to arbitrary code execution due to Apache Log4j CVE-2021-4101 and CVE-2021-45046. Apache Log4j is used by ISIM VA as part of its logging infrastructure. This fix upgrades to Apache Log4j v2.17.1. IBM Security Identity...

10CVSS10AI score0.99999EPSS
Exploits358Affected Software1
OpenVAS
OpenVAS
added 2022/07/29 12:0 a.m.42 views

Elastic Elasticsearch Multiple Log4j Vulnerabilities (ESA-2021-31, Log4Shell) - Active Check

Elastic Elasticsearch is prone to multiple vulnerabilities in the Apache Log4j library. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS6.9AI score0.99999EPSS
Exploits357References12
Rows per page
Query Builder