qos

Security Risk Profile

/100

low

Security Risk Score

Comprehensive risk assessment based on 10 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from March 13, 2017 to present

Total CVEs

Critical+High

Exploited

Unpatched

Threat Assessment

Avg CVSS

8.3

Base severity

Avg EPSS

Exploit probability

Unpatched

Critical/High

Risk Level

32/100

low

⚡ 3 Zero-Days

Severity Distribution

Critical

High

Medium

Low

Exploit Likelihood

>50% chance

20-50%

5-20%

<5%

Age Distribution

Common Weaknesses (CWE)

SQL Injection

Most Affected Products

1. qos logback19

2. Apache Log4j19

3. Oracle Utilities Framework14

4. redhat/log4j10

5. Oracle WebLogic Server10

Recent Vulnerabilities

See more →

CVE-2023-6481

CVSS 7.5EPSS 0%high

Logback "receiver" DOS vulnerability CVE-2023-6378 incomplete fix

12/4/2023

CVE-2023-6378

CVSS 7.5EPSS 0%high

Logback "receiver" DOS vulnerability

11/29/2023

CVE-2022-23307

CVSS 9.8critical

A deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution.

1/18/2022⚡ Zero-Day

CVE-2022-23305

CVSS 9.8critical

SQL injection in JDBC Appender in Apache Log4j V1

1/18/2022⚡ Zero-Day

CVE-2022-23302

CVSS 8.8high

Deserialization of untrusted data in JMSSink in Apache Log4j 1.x

1/18/2022⚡ Zero-Day

CVE-2021-42550

CVSS 6.6medium

RCE from attacker with configuration edit priviledges through JNDI lookup

12/16/2021

CVE-2020-9493

CVSS 9.8critical

Java deserialization in Chainsaw

Monitor qos in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free Trial Book a Demo

qos

Security Risk Score

Threat Assessment

Severity Distribution

Exploit Likelihood

Age Distribution

Common Weaknesses (CWE)

Most Affected Products

Recent Vulnerabilities

Monitor qos in Real-Time

Monitor Your Software Stack in Real-Time