apache log4j vulnerabilities and exploits
7.5
CVE-2023-26464
** UNSUPPORTED WHEN ASSIGNED ** When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE less than 1.7, an attacker that manages to cause a logging entry involving a specially-crafted (i.e., deeply nested) hashmap or hashtable (depending on which logging...
Apache Log4j
9.8
CVSSv3
CVE-2020-9493
A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution....
Apache Chainsaw
Apache Log4j
Qos Reload4j
6 Github repositories available
8.1
CVE-2021-4125
It was found that the original fix for log4j CVE-2021-44228 and CVE-2021-45046 in the OpenShift metering hive containers was incomplete, as not all JndiLookup.class files were removed. This CVE only applies to the OpenShift Metering hive container images, shipped in OpenShift...
Redhat Openshift
Apache Hive
1 Github repository available
9.8
CVSSv3
CVE-2019-17571
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects...
Apache Log4j
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
Netapp Oncommand Workflow Automation -
Netapp Oncommand System Manager
Oracle Retail Service Backbone 14.1
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Endeca Information Discovery Studio 3.2.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Rapid Planning 12.1
Oracle Rapid Planning 12.2
Oracle Financial Services Lending And Leasing
Oracle Financial Services Lending And Leasing 12.5.0
Oracle Communications Network Integrity
Oracle Primavera Gateway
Oracle Retail Service Backbone 16.0
Oracle Retail Extract Transform And Load 19.0
Oracle Mysql Enterprise Monitor
Apache Bookkeeper
57 Github repositories available
1 Article available
6.6
CVSSv3
CVE-2021-44832
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP...
Apache Log4j 2.0
Apache Log4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Primavera Gateway
Oracle Retail Assortment Planning 16.0.3
Oracle Primavera Unifier 21.12
Oracle Primavera P6 Enterprise Project Portfolio Management 21.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera Gateway 21.12.0
Oracle Retail Fiscal Management 14.2
Oracle Siebel Ui Framework 21.12
Oracle Communications Diameter Signaling Router
Cisco Cloudcenter 4.10.0.16
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Oracle Flexcube Private Banking 12.1.0
Oracle Retail Order Broker 18.0
Oracle Siebel Ui Framework
Oracle Retail Xstore Point Of Service 17.0.4
Oracle Retail Xstore Point Of Service 18.0.3
Oracle Retail Xstore Point Of Service 19.0.2
Oracle Retail Xstore Point Of Service 20.0.1
Oracle Retail Order Broker 19.1
Oracle Policy Automation
Oracle Product Lifecycle Analytics 3.6.1
Oracle Retail Xstore Point Of Service 21.0.1
Oracle Policy Automation For Mobile Devices
Oracle Health Sciences Data Management Workbench 3.0.0.0
Oracle Health Sciences Data Management Workbench 3.1.0.3
Oracle Health Sciences Data Management Workbench 2.5.2.1
Oracle Communications Brm - Elastic Charging Engine 12.0.0.5.0
Oracle Communications Offline Mediation Controller 12.0.0.5.0
Oracle Communications Offline Mediation Controller
Oracle Communications Brm - Elastic Charging Engine
35 Github repositories available
5 Articles available
9
CVSSv3
CVE-2021-45046
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout...
Apache Log4j 2.0
Apache Log4j
Intel Oneapi -
Intel Audio Development Kit -
Intel Datacenter Manager -
Intel System Debugger -
Intel Secure Device Onboard -
Intel Sensor Solution Firmware Development Kit -
Intel Computer Vision Annotation Tool -
Intel Genomics Kernel Library -
Intel System Studio -
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
Siemens Desigo Cc Info Center 5.0
Siemens Desigo Cc Info Center 5.1
Siemens Desigo Cc Advanced Reports 4.1
Siemens Desigo Cc Advanced Reports 4.2
Siemens Desigo Cc Advanced Reports 5.0
Siemens Desigo Cc Advanced Reports 5.1
Siemens Desigo Cc Advanced Reports 4.0
Siemens Comos
Siemens Capital 2019.1
Siemens Navigator
Siemens Xpedition Package Integrator -
Siemens Xpedition Enterprise -
Siemens Vesys 2019.1
Siemens Vesys
Siemens Capital
Siemens Industrial Edge Management
Siemens Industrial Edge Management Hub
Siemens Mendix
Siemens Mindsphere
Siemens Nx
Siemens Opcenter Intelligence
Siemens Operation Scheduler
Siemens Sentron Powermanager 4.1
Siemens Sentron Powermanager 4.2
Siemens Siguard Dsa 4.2
Siemens Siguard Dsa 4.3
Siemens Siguard Dsa 4.4
Siemens Siveillance Vantage
Siemens Siveillance Viewpoint
Siemens Solid Edge Cam Pro
Siemens Solid Edge Harness Design
Siemens Solid Edge Harness Design 2020
Siemens Spectrum Power 7
Siemens Spectrum Power 7 2.30
Siemens Teamcenter
Siemens Tracealertserverplus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Sonicwall Email Security
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Siemens 6bk1602-0aa12-0tp0 Firmware
Siemens 6bk1602-0aa22-0tp0 Firmware
Siemens 6bk1602-0aa32-0tp0 Firmware
Siemens 6bk1602-0aa42-0tp0 Firmware
Siemens 6bk1602-0aa52-0tp0 Firmware
82 Github repositories available
8 Articles available
8.8
CVSSv3
CVE-2021-3100
The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.1-13 didn’t mimic the permissions of the JVM being patched, allowing it to escalate privileges....
Amazon Log4jhotpatch
2 Articles available
8.8
CVSSv3
CVE-2022-23302
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a...
Apache Log4j
Netapp Snapmanager -
Broadcom Brocade Sannav -
Qos Reload4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Jdeveloper 12.2.1.3.0
Oracle Identity Management Suite 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Network Integrity 7.3.6
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Advanced Supply Chain Planning 12.2
Oracle Advanced Supply Chain Planning 12.1
Oracle Communications Unified Inventory Management 7.4.1
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Communications Messaging Server 8.1
Oracle Business Intelligence 5.9.0.0.0
Oracle Healthcare Foundation 8.1.0
Oracle Communications Eagle Ftp Table Base Retrieval 4.5
Oracle Identity Manager Connector 11.1.1.5.0
Oracle Communications Unified Inventory Management 7.4.2
Oracle Communications Instant Messaging Server 10.0.1.5.0
Oracle Middleware Common Libraries And Tools 12.2.1.4.0
Oracle Identity Management Suite 12.2.1.4.0
Oracle Financial Services Revenue Management And Billing Analytics 2.7.0.0
Oracle Hyperion Data Relationship Management
Oracle Financial Services Revenue Management And Billing Analytics 2.8.0.0
Oracle Mysql Enterprise Monitor
Oracle Hyperion Infrastructure Technology
Oracle Tuxedo 12.2.2.0.0
Oracle E-business Suite Cloud Manager And Cloud Backup Module
Oracle E-business Suite Cloud Manager And Cloud Backup Module 2.2.1.1.1
Oracle Financial Services Revenue Management And Billing Analytics 2.7.0.1
Oracle Communications Offline Mediation Controller 12.0.0.5.0
Oracle Communications Offline Mediation Controller
9 Github repositories available
1 Article available
8.8
CVSSv3
CVE-2022-23307
CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists....
Apache Chainsaw
Apache Log4j
Qos Reload4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Jdeveloper 12.2.1.3.0
Oracle Identity Management Suite 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Network Integrity 7.3.6
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Advanced Supply Chain Planning 12.2
Oracle Advanced Supply Chain Planning 12.1
Oracle Communications Unified Inventory Management 7.4.1
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Communications Messaging Server 8.1
Oracle Business Intelligence 5.9.0.0.0
Oracle Healthcare Foundation 8.1.0
Oracle Communications Eagle Ftp Table Base Retrieval 4.5
Oracle Retail Extract Transform And Load 13.2.5
Oracle Identity Manager Connector 11.1.1.5.0
Oracle Communications Unified Inventory Management 7.4.2
Oracle Communications Instant Messaging Server 10.0.1.5.0
Oracle Middleware Common Libraries And Tools 12.2.1.4.0
Oracle Identity Management Suite 12.2.1.4.0
Oracle Financial Services Revenue Management And Billing Analytics 2.7.0.0
Oracle Hyperion Data Relationship Management
Oracle Financial Services Revenue Management And Billing Analytics 2.8.0.0
Oracle Mysql Enterprise Monitor
Oracle Hyperion Infrastructure Technology
Oracle Tuxedo 12.2.2.0.0
Oracle E-business Suite Cloud Manager And Cloud Backup Module
Oracle E-business Suite Cloud Manager And Cloud Backup Module 2.2.1.1.1
Oracle Financial Services Revenue Management And Billing Analytics 2.7.0.1
Oracle Communications Offline Mediation Controller 12.0.0.5.0
Oracle Communications Offline Mediation Controller
11 Github repositories available
1 Article available
3.7
CVSSv3
CVE-2020-9488
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1...
Apache Log4j
Oracle Flexcube Private Banking 12.1.0
Oracle Retail Integration Bus 14.1
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Core Banking 5.2.0
Oracle Retail Integration Bus 15.0
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Weblogic Server 10.3.6.0.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 2.2.0.0.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Unified Inventory Management 7.4.0
Oracle Data Integrator 12.2.1.3.0
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Market Risk Measurement And Management 8.0.6
Oracle Financial Services Price Creation And Discovery 8.0.7
Oracle Jd Edwards World Security A9.4
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Policy Automation Connector For Siebel 10.4.6
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier 19.12
Oracle Retail Customer Management And Segmentation Foundation 16.0
Oracle Retail Customer Management And Segmentation Foundation 17.0
Oracle Retail Customer Management And Segmentation Foundation 18.0
Oracle Retail Customer Management And Segmentation Foundation 19.0
Oracle Retail Integration Bus 16.0
Oracle Utilities Framework
Oracle Utilities Framework 4.4.0.0.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Communications Application Session Controller 3.9m0p1
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Unified Inventory Management 7.3.0
Oracle Enterprise Manager For Peoplesoft 13.4.1.1
Oracle Financial Services Institutional Performance Analytics 8.0.6
Oracle Financial Services Institutional Performance Analytics 8.1.0
Oracle Financial Services Institutional Performance Analytics 8.7.0
Oracle Financial Services Market Risk Measurement And Management 8.0.8
Oracle Financial Services Market Risk Measurement And Management 8.1.0
Oracle Financial Services Price Creation And Discovery 8.0.6
Oracle Financial Services Retail Customer Analytics 8.0.6
Oracle Flexcube Core Banking
Oracle Insurance Insbridge Rating And Underwriting
Oracle Insurance Insbridge Rating And Underwriting 5.6.1.0
Oracle Insurance Policy Administration J2ee 10.2.0.37
Oracle Insurance Policy Administration J2ee 10.2.4.12
Oracle Insurance Policy Administration J2ee 11.0.2.25
Oracle Insurance Policy Administration J2ee 11.1.0.15
Oracle Insurance Rules Palette 10.2.0.37
Oracle Insurance Rules Palette 10.2.4.12
Oracle Insurance Rules Palette 11.0.2.25
Oracle Insurance Rules Palette 11.1.0.15
Oracle Insurance Rules Palette 11.2.0.26
Oracle Policy Automation
Oracle Policy Automation For Mobile Devices
Oracle Retail Advanced Inventory Planning 14.1
Oracle Retail Assortment Planning 15.0.3.0
Oracle Retail Assortment Planning 16.0.3.0
Oracle Retail Bulk Data Integration 15.0.3.0
Oracle Retail Bulk Data Integration 16.0.3.0
Oracle Retail Order Broker Cloud Service 16.0
Oracle Retail Order Broker Cloud Service 18.0
Oracle Retail Order Broker Cloud Service 19.0
Oracle Retail Order Broker Cloud Service 19.1
Oracle Retail Order Broker Cloud Service 19.3
Oracle Retail Predictive Application Server 14.1.3.0
Oracle Retail Predictive Application Server 15.0.3.0
Oracle Spatial And Graph 18c
Oracle Spatial And Graph 19c
Oracle Communications Eagle Ftp Table Base Retrieval 4.5
Oracle Communications Services Gatekeeper 7.0
Oracle Data Integrator 12.2.1.4.0
Oracle Health Sciences Information Manager 3.0.1
Oracle Insurance Policy Administration J2ee 11.2.0.26
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Retail Eftlink 15.0.2
Oracle Retail Eftlink 16.0.3
Oracle Retail Eftlink 17.0.2
Oracle Retail Eftlink 18.0.1
Oracle Retail Eftlink 19.0.1
Oracle Retail Insights Cloud Service Suite 19.0
Oracle Retail Order Broker Cloud Service 19.2
Oracle Retail Predictive Application Server 16.0.3.0
Oracle Retail Xstore Point Of Service 15.0.4
Oracle Retail Xstore Point Of Service 16.0.6
Oracle Retail Xstore Point Of Service 17.0.4
Oracle Retail Xstore Point Of Service 18.0.3
Oracle Retail Xstore Point Of Service 19.0.2
Oracle Siebel Apps - Marketing
Oracle Siebel Ui Framework
Oracle Spatial And Graph 12.2.0.1
Oracle Storagetek Acsls 8.5.1
Oracle Storagetek Tape Analytics Sw Tool 2.3.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Qos Reload4j
15 Github repositories available
1 Article available