CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

ThreatPost•added 2022/03/29 8:33 p.m.•189 views

Log4JShell Used to Swarm VMware Servers with Miners, Backdoors

What researchers are calling a “horde” of miner bots and backdoors are using the Log4Shell bug to take over vulnerable VMware Horizon servers, with threat actors still actively waging some attacks. On Tuesday, Sophos reported that the remote code execution RCE Log4j vulnerability in the ubiquitou...

9.8CVSS9.1AI score0.99999EPSS

Exploits45References21

IBM Security Bulletins•added 2021/12/22 12:7 a.m.•33 views

Security Bulletin: Log4JShell Vulnerability affects Watson Machine Learning in Cloud Pak for Data (CVE-2021-44228)

Summary Apache Log4j, used for logging in Watson Machine Learning in Cloud Pak for Data, is impacted by the Apache Log4j vulnerability CVE-2021-44228. Customers are encouraged to take quick action to update their systems. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could...

10CVSS0.7AI score0.99999EPSS

Exploits344Affected Software1

OPENSUSE Linux•added 2021/12/20 12:0 a.m.•121 views

Security update for log4j (important)

openSUSE Security Update: Security update for log4j Announcement ID: openSUSE-SU-2021:1601-1 Rating: important References: 1193743 Cross-References: CVE-2021-44228 CVE-2021-45046 CVSS scores: CVE-2021-44228 NVD : 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVE-2021-44228 SUSE: 9.8...

9.8CVSS7.5AI score0.99999EPSS

Exploits346References1

IBM Security Bulletins•added 2021/12/17 2:7 p.m.•256 views

Security Bulletin: Log4jShell Vulnerability affects IBM SPSS Statistics Server (CVE-2021-44228)

Summary There is a vulnerability in the version of Log4j that is part of IBM SPSS Statistics Server. IBM SPSS Statistics Server has addressed this vulnerability. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the...

10CVSS1.5AI score0.99999EPSS

Exploits344Affected Software1

OSV•added 2021/12/17 12:38 p.m.•9 views

SUSE-SU-2021:4115-1 Security update for log4j

This update for log4j fixes the following issue: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. bsc1193662...

7.5CVSS8.9AI score0.81147EPSS

Exploits9References3

OSV•added 2021/12/17 11:19 a.m.•11 views

OPENSUSE-SU-2021:4112-1 Security update for log4j12

This update for log4j12 fixes the following issues: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. bsc1193662...

7.5CVSS7.9AI score0.81147EPSS

Exploits9References3

OSV•added 2021/12/17 11:19 a.m.•4 views

SUSE-SU-2021:4111-1 Security update for log4j

This update for log4j fixes the following issue: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. bsc1193662...

7.5CVSS8.9AI score0.81147EPSS

Exploits9References3

OSV•added 2021/12/17 11:18 a.m.•4 views

OPENSUSE-SU-2021:4111-1 Security update for log4j

This update for log4j fixes the following issue: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. bsc1193662...

7.5CVSS7.9AI score0.81147EPSS

Exploits9References3

IBM Security Bulletins•added 2021/12/17 4:55 a.m.•102 views

Security Bulletin: Log4JShell Vulnerability affects Watson Knowledge Catalog InstaScan (CVE-2021-44228)

Summary There is a vulnerability in the version of Apache Log4j that was included in Watson Knowledge Catalog InstaScan. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the...

10CVSS1.5AI score0.99999EPSS

Exploits344Affected Software1

IBM Security Bulletins•added 2021/12/17 12:12 a.m.•61 views

Security Bulletin: Log4jShell Vulnerability affects Decision Optimization for Cloud Pak for Data (CVE-2021-44228)

Summary The Apache Log4j vulnerability used by Decision Optimization for Cloud Pak for Data has been addressed. IBM strongly recommends addressing the Log4j vulnerability CVE-2021-44228 now by upgrading. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote...

10CVSS1.3AI score0.99999EPSS

Exploits344Affected Software1

OPENSUSE Linux•added 2021/12/17 12:0 a.m.•52 views

Security update for log4j12 (important)

openSUSE Security Update: Security update for log4j12 Announcement ID: openSUSE-SU-2021:4112-1 Rating: important References: 1193662 Cross-References: CVE-2021-4104 CVSS scores: CVE-2021-4104 SUSE: 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3 An update th...

6.4CVSS8.3AI score0.81147EPSS

Exploits9References1

IBM Security Bulletins•added 2021/12/16 4:32 a.m.•151 views

Security Bulletin: Log4JShell Vulnerability affects IBM SPSS Modeler (CVE-2021-44228)

Summary There is a vulnerability in the version of Log4j that was included in IBM SPSS Modeler. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the failure...

10CVSS2.6AI score0.99999EPSS

Exploits344Affected Software1

Qualys Blog•added 2021/12/14 11:55 p.m.•54 views

Detect Exploitation Attempts With Qualys XDR (Beta)

The recently announced Log4JShell / CVE-2021-44228 exploit is the latest reminder of why it’s so important to maintain an enterprise-wide view of your security posture. The heart of the exploit centers around misuse of the JNDI lookup function built into log4j. Impact: There are multiple proofs o...

9.3CVSS9.9AI score0.99999EPSS

Exploits344