Filter
Versions
Apache Log4j 2End of life
First published (updated )
Apache Log4j 2End of life
First published (updated )
BleepingComputerOver 30% of Log4J apps use a vulnerable version of the library
First published (updated )
News
BleepingComputerApache Log4jApache Log4j 1.x (EOL) allows DoS in Chainsaw and SocketAppender
7.5
First published (updated )
Apache Log4jA deserialization flaw was found in Apache log4j 1.2.x. While reading serialized log events, they ar…
7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache Log4jBy design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter whe…
7
First published (updated )
Apache Log4jA deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution.
First published (updated )
Apache Log4jSQL injection in JDBC Appender in Apache Log4j V1
First published (updated )
Apache Log4jDeserialization of untrusted data in JMSSink in Apache Log4j 1.x
First published (updated )
Apache Log4jApache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Oracle Retail Integration BusApache Log4j StrSubstitutor Uncontrolled Recursion Denial-of-Service Vulnerability
9.8
First published (updated )
Apache Log4jApache log4j2 log messages substitution (CVE-2021-44228)
First published (updated )
redhat/log4jDeserialization of untrusted data in JMSAppender in Apache Log4j 1.2
8.1
First published (updated )
Cisco Webex Meetings Server SoftwareApache log4j2 log messages substitution (CVE-2021-44228)
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Oracle Retail Order Broker Cloud ServiceImproper validation of certificate with host mismatch in Apache Log4j SMTP appender prior to version…
4.3
First published (updated )
oracle policy automationIn Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive s…
9.8
First published (updated )
Apache Log4j 2.3Reached end of life
First published (updated )
Apache Log4j 2.3Reached end of life
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache Log4jApache Log4j StrSubstitutor Uncontrolled Recursion Denial-of-Service Vulnerability
5.3
Apache Log4jApache Log4j StrSubstitutor Uncontrolled Recursion Denial-of-Service Vulnerability
5.3