Lucene search
+L

223 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.13 views

Unity Linux 20.1070e Security Update: wildfly-common (UTSA-2026-016751)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016751 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...

8.5CVSS7.7AI score0.97906EPSS
Exploits9References4
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.8 views

Unity Linux 20.1070e Security Update: infinispan (UTSA-2026-016749)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016749 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

10CVSS7.3AI score0.99999EPSS
Exploits354References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Apache Log4j2

Improper validation of certificates with host mismatches in the Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack, thereby leaking any log messages sent through that appender. This issue has been fixed in Apache Log4j 2.12.3 and 2.13....

4.3CVSS6.6AI score0.08096EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Apache Log4j2

Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI, provided that the attacker has control over the target LDAP server. Thi...

8.5CVSS8.7AI score0.97906EPSS
Exploits9References2
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: json-lib (UTSA-2026-017352)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017352 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

5.9CVSS7AI score0.99999EPSS
Exploits20References4
Github Security Blog
Github Security Blog
added 2026/04/10 6:31 p.m.8 views

Apache Log4j 1 to Log4j 2 bridge: silent log event loss in Log4j1XmlLayout due to unescaped XML 1.0 forbidden characters

The Log4j1XmlLayout from the Apache Log4j 1-to-Log4j 2 bridge fails to escape characters forbidden by the XML 1.0 standard, producing malformed XML output. Conforming XML parsers are required to reject documents containing such characters with a fatal error, which may cause downstream log...

7.5CVSS5.8AI score0.00535EPSS
Exploits1References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.8 views

Debian dla-4444 : liblog4j2-java - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4444 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4444-1 [email protected] https://www.debian.org/lts/security/...

6.3CVSS7.2AI score0.00743EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2026/01/20 12:0 a.m.3 views

Debian: Security Advisory (DLA-4444-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.3CVSS5.4AI score0.00743EPSS
Exploits1References2
Debian
Debian
added 2026/01/19 10:50 p.m.12 views

[SECURITY] [DLA 4444-1] apache-log4j2 security update

Debian LTS Advisory DLA-4444-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 19, 2026 https://wiki.debian.org/LTS Package : apache-log4j2 Version : 2.17.1-1deb11u2 CVE ID : CVE-2025-68161 Debian Bug : 1123744 In Apache Log4j2, a Java Logging Framework, t...

6.3CVSS6.5AI score0.00743EPSS
Exploits1
OSV
OSV
added 2026/01/19 12:0 a.m.5 views

DLA-4444-1 apache-log4j2 - security update

Bulletin has no description...

6.3CVSS5AI score0.00743EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/06 12:6 p.m.9 views

Security Bulletin: Multiple vulnerabilities found in IBM EntireX through the use of webMethods Integration Server.

Summary As IBM EntireX Adapter runs in the webMethods Integration Server and the webMethods Integration Server has been updated in order to address the vulnerabilities, the fix for webMethods Integration Server will need to be applied by IBM EntireX customers. Vulnerability Details...

8.5CVSS9.2AI score0.97906EPSS
Exploits10Affected Software1
Gitee
Gitee
added 2025/09/06 11:51 a.m.93 views

Exploit for CVE-2018-3149

log4j2-exploits https://user-images.githubusercontent.com/37479424/145661983-131eb84a-9ac5-4014-9f6b-10b69d8d7cf4.mp4 This fundamental vulnerability was reported by CVE-2018-3149 and patched by this article. 8u121 Release Notes However, the logging library for java called log4j2 had JNDILookup,...

8.3CVSS7.4AI score0.07215EPSS
Exploits2
Gitee
Gitee
added 2025/09/06 12:36 a.m.156 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4j-finder A Python3 script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell CVE-2021-44228 & CVE-2021-45046 & CVE-2021-45105. It scans recursively both on disk and inside nested Java Archive files JARs. How it works log4j-finder identifies log4j2 libraries on your filesyst...

10CVSS8.5AI score0.99999EPSS
Exploits358
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2021-45105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allo...

5.9CVSS7.1AI score0.99999EPSS
Exploits20References2
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-44832

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...

8.5CVSS7.7AI score0.97906EPSS
Exploits9References2
vulnersOsv
vulnersOsv
added 2025/06/03 3:31 p.m.10 views

org.apache.pekko:pekko-management-cluster-bootstrap_3 (>=1.0.0 <=1.1.0-M1), org.apache.pekko:pekko-management-cluster-http_3 (>=1.0.0 <=1.1.0-M1) +2 more potentially affected by CVE-2025-46548 via org.apache.pekko:pekko-management_3 (>=1.0.0 <=1.1.0)

org.apache.pekko:pekko-management3 MAVEN version =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.1.0-M1 Source cves: CVE-2025-46548 Source advisory: OSV:GHSA-9QVJ-RPJ8-V5C8...

6.5CVSS5.8AI score0.00655EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/06/03 3:31 p.m.6 views

com.lightbend.akka.management:akka-management-cluster-bootstrap_3 (>=1.3.0 <=1.4.1), com.lightbend.akka.management:akka-management-cluster-http_3 (>=1.3.0 <=1.4.1) +2 more potentially affected by CVE-2025-46548 via com.lightbend.akka.management:akka-management_3 (>=1.3.0 <=1.4.1)

com.lightbend.akka.management:akka-management3 MAVEN version =1.3.0, =1.3.0, =1.3.0, =1.3.0, =1.3.0, =1.4.1 Source cves: CVE-2025-46548 Source advisory: OSV:GHSA-9QVJ-RPJ8-V5C8...

6.5CVSS5.8AI score0.00655EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.17 views

Amazon Linux 2022 : log4j, log4j-jcl, log4j-slf4j (ALAS2022-2022-011)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-011 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack where an attacker with permission to modify the...

8.5CVSS8.8AI score0.97906EPSS
Exploits9References3
Gitee
Gitee
added 2024/10/29 4:5 p.m.251 views

Exploit for Injection in Oracle Agile_Plm

针对 loj4j2 CVE-2021-44228 漏洞的研究 实验平台 - VirtualBox 7.0.12 r159484 Qt5.15.2 - Attacker kali - 网络地址转换(NAT) - host-only 网络 192.168.56.101 - Victim kali 2023.3 - 网络地址转换(NAT) - host-only 网络 192.168.56.112 实验任务 - - x 搭建实验平台 - - x 漏洞存在性验证 以 loj4j2 CVE-2021-44228 为例 - - x 漏洞可利用验证 以 loj4j2 CVE-2021-44228 为例...

10CVSS9.1AI score0.99999EPSS
Exploits388
OSV
OSV
added 2024/10/14 6:30 p.m.14 views

GHSA-443J-GRXV-2PGV Apache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans

Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could...

8.8CVSS8.6AI score0.16539EPSS
Exploits0References6
Rows per page
Query Builder