Apache Log4j SQL Injection Vulnerability
Apache Log4j, a Java-based open source logging tool from the Apache Foundation, is vulnerable to SQL injection, which stems from a JDBCAppender in Log4j 1.2.x that accepts a SQL statement as a configuration parameter, where the value to be inserted is from the PatternLayout's converter. The messa...
Security Bulletin: Multiple vulnerabilities in Apache log4j affect the IBM WebSphere Application Server which is shipped with IBM Intelligent Operations Center (CVE-2021-4104, CVE-2021-45046).
Summary: IBM WebSphere® Application Server is shipped with IBM® Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details: CVEID: CVE-2021-4104. DESCRIPTION: Apache Log4j could...
Apache Log4j2 Denial of Service Vulnerability (CNVD-2021-101661)
Log4j is an open source Apache project. With Log4j, you can control where log messages are delivered: the console, files, GUI components, and even socket servers, the NT event logger, and so on. A denial of service vulnerability exists in Apache Log4j2...
Apache Log4j 2.x < 2.17.0 DoS
The version of Apache Log4j on the remote host is 2.x < 2.3.1 / 2.13.2 / 2.17.0. It is, therefore, affected by a denial of service vulnerability. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 did not protect from uncontrolled recursion from self-referential lookups. When the logging configuratio...
Apache Log4j Security Vulnerability
Log4j is an open source Apache project. With Log4j, you can control where log messages are delivered: the console, files, GUI components, and even socket servers, the NT event logger, and so on. A denial of service vulnerability exists in Apache Log4j2...
CVE-2021-45046 Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context...