Lucene search
K

13 matches found

OSV
OSV
added 2026/06/17 12:43 p.m.4 views

ROOT-APP-MAVEN-CVE-2021-4104 CVE-2021-4104 in io.root.log4j:log4j - Patched by Root

Root has patched CVE-2021-4104 in the io.root.log4j:log4j package for Root:Maven. Multiple fixed versions available...

7.5CVSS7AI score0.81147EPSS
Exploits9
OSV
OSV
added 2026/06/17 12:43 p.m.11 views

ROOT-APP-MAVEN-CVE-2023-26464 CVE-2023-26464 in io.root.log4j:log4j - Patched by Root

Root has patched CVE-2023-26464 in the io.root.log4j:log4j package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.8AI score0.01905EPSS
Exploits0
OSV
OSV
added 2026/06/17 12:43 p.m.7 views

ROOT-APP-MAVEN-CVE-2022-23307 CVE-2022-23307 in io.root.log4j:log4j - Patched by Root

Root has patched CVE-2022-23307 in the io.root.log4j:log4j package for Root:Maven. Multiple fixed versions available...

9CVSS7.3AI score0.52458EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/09/08 12:0 a.m.32 views

Apache Archiva < 2.2.6 Multiple Log4j Vulnerabilities (Log4Shell) - Active Check

Apache Archiva is prone to multiple vulnerabilities in the Apache Log4j library. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS6.9AI score0.99999EPSS
Exploits353References10
RedHat Linux
RedHat Linux
added 2022/04/11 12:59 p.m.3 views

log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender

A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker's JND...

7.5CVSS7.5AI score0.81147EPSS
Exploits9References9
RedHat Linux
RedHat Linux
added 2022/01/20 6:54 p.m.2 views

log4j-core: remote code execution via JDBC Appender

Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a dat...

8.5CVSS7.5AI score0.97906EPSS
Exploits9References5
Huntr
Huntr
added 2022/01/16 8:0 p.m.40 views

Static Code Injection in playframework/play-samples

Description "play-samples" project uses the vulnerable log4j library 2.17.0. This can cause potential RCE vulnerability on the project. Vulnerability: CVE-2021-44832 Remote Code Execution. Another reference from Apache for CVE-2021-44832. You should upgrade the log4j library to latest version...

3.8AI score0.97906EPSS
Exploits9
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/06 3:27 p.m.145 views

Security Bulletin: Vulnerability in Apache Log4j affects IBM Tivoli Netcool Impact (CVE-2021-45046)

Summary A vulnerability was identified within the Apache Log4j library that is used by IBM Tivoli Netcool Impact to provide logging functionality. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-45046 DESCRIPTION: Apache Log4j could allow a remote attacker to execute...

10CVSS1AI score0.99999EPSS
Exploits353Affected Software1
The Hacker News
The Hacker News
added 2021/12/23 12:9 p.m.121 views

CISA, FBI and NSA Publish Joint Advisory and Scanner for Log4j Vulnerabilities

Cybersecurity agencies from Australia, Canada, New Zealand, the U.K., and the U.S. on Wednesday released a joint advisory in response to widespread exploitation of multiple vulnerabilities in Apache's Log4j software library by nefarious adversaries. "These vulnerabilities, especially Log4Shell, a...

10CVSS0.2AI score0.99999EPSS
Exploits359
OpenVAS
OpenVAS
added 2021/12/23 12:0 a.m.24 views

Apache Tika 2.x < 2.2.0 Log4j RCE Vulnerability (Log4Shell)

Apache Tika is prone to a remote code execution RCE vulnerability in the Apache Log4j library dubbed SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

10CVSS9.4AI score0.99999EPSS
Exploits351References7
Securelist
Securelist
added 2021/12/20 3:45 p.m.98 views

Answering Log4Shell-related questions

Important notice On December 18th, Log4j version 2.17.0 was released to address open vulnerabilities. It is highly recommended to update your systems as soon as possible. History of the Log4j library vulnerabilities CVE-2021-44228 initial vulnerability – partially fixed in 2.15.0 CVE-2021-45046...

9.3CVSS10AI score0.99999EPSS
Exploits355
RedHat Linux
RedHat Linux
added 2021/12/15 2:59 a.m.7 views

log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value

A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint...

10CVSS7.7AI score0.99999EPSS
Exploits351References9
Akamai Blog
Akamai Blog
added 2021/12/11 11:0 a.m.159 views

CVE-2021-44228 - Patching is Recommended for Evolving Zero Day Vulnerability in Apache Log4j that allows remote code execution (RCE)

Akamai has been monitoring the rapidly evolving developments of CVE-2021-44228. We have been working closely with our customers and internal application teams to mitigate the risks posed by the threat of unauthorized remote code execution. This includes deploying an update to our existing Apache...

10CVSS4.7AI score0.99999EPSS
Exploits351
Rows per page
Query Builder