2 matches found
CVE-2021-44228
CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...
CVE-2019-1907
CVE-2019-1907 affects Cisco UCS Integrated Management Controller (IMC) web server. The vulnerability arises from improper handling of substring comparisons, enabling an authenticated, remote attacker to modify sensitive configuration values and escalate privileges from read-only to administrator....