295 matches found
Security Bulletin: IBM® Db2® federated server is affected by a vulnerability in log4j-core-2.17.2 (CVE-2025-68161)
Summary IBM® Db2® federated server is affected by a vulnerability in log4j-core-2.17.2 CVE-2025-68161 Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer...
SAP NetWeaver AS Java Apache Log4j Vulnerability (3726899)
The version of SAP NetWeaver Application Server Java detected on the remote host is affected by a vulnerability in the Apache Log4j library as referenced in SAP Security Note 3726899: - The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname...
Security Bulletin: Multiple Vulnerabilities in IBM Guardium Key Lifecycle Manager (CVE-2025-68161, CVE-2026-1726)
Summary Security Vulnerabilities have been addressed in IBM Guardium Key Lifecycle Manager Vulnerability Details CVEID:CVE-2026-1726 DESCRIPTION: IBM Security Guardium enables privilege escalation, allowing unauthorized users to perform administrative operations after being demoted. Attackers cou...
Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
Log4Shell CVE-2021-44228 - SOC Report Analysis Overview...
Unity Linux 20.1070e Security Update: wildfly-core (UTSA-2026-016752)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016752 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...
Unity Linux 20.1060e / 20.1070e Security Update: datanucleus-api-jdo (UTSA-2026-016658)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016658 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...
Unity Linux 20.1060e / 20.1070e Security Update: datanucleus-api-jdo (UTSA-2026-016684)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016684 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...
Unity Linux 20.1070e Security Update: wildfly-core (UTSA-2026-016706)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016706 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...
Unity Linux 20.1070e Security Update: wildfly-elytron (UTSA-2026-016747)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016747 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...
Unity Linux 20.1070e Security Update: log4j (UTSA-2026-016696)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016696 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...
Unity Linux 20.1060e / 20.1070e Security Update: jboss-logging (UTSA-2026-016641)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016641 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...
Unity Linux 20.1060e / 20.1070e Security Update: wildfly-elytron (UTSA-2026-016677)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016677 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...
Unity Linux 20.1070e Security Update: log4j (UTSA-2026-016725)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016725 advisory. It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non- default configurations. This could allows attackers with...
Unity Linux 20.1070e Security Update: datanucleus-core (UTSA-2026-016737)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016737 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...
Unity Linux 20.1060e / 20.1070e Security Update: wildfly-common (UTSA-2026-016679)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016679 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...
Unity Linux 20.1070e Security Update: jgroups (UTSA-2026-016753)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016753 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...
Unity Linux 20.1070e Security Update: mx4j (UTSA-2026-016714)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016714 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...
Unity Linux 20.1070e Security Update: datanucleus-rdbms (UTSA-2026-016692)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016692 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...
Astra Linux – Vulnerability in Apache Log4j2
Apache Log4j2 versions 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 have JNDI features that are used in configuration, log messages, and parameters. However, these features do not protect against attacks from controlled LDAP endpoints and other JNDI-related...
Astra Linux – Vulnerability in Apache Log4j2
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not prevent uncontrolled recursion from self-referential lookups. This allowed an attacker with control over the Thread Context Map data to cause a denial of service when a crafted string was interpreted. This issue w...