Latest vulnerabilities for vendor "qos"

Where

Sort:

Software

qos reload4j

qos logback

qos slf4j

maven/ch.qos.logback:logback-coreLogback "receiver" DOS vulnerability CVE-2023-6378 incomplete fix

Risk 31

Severity

7.5

EPSS

0.05%

First published (updated )

CVE-2023-6481

maven/ch.qos.logback:logback-classicLogback "receiver" DOS vulnerability

Risk 31

Severity

7.5

EPSS

0.05%

First published (updated )

CVE-2023-6378

Apache Log4jA deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution.

Risk 99

Severity

9.8

Zeroday

First published (updated )

CVE-2022-23307

Apache Log4jSQL injection in JDBC Appender in Apache Log4j V1

Risk 99

Severity

9.8

Zeroday

First published (updated )

CVE-2022-23305

Apache Log4jDeserialization of untrusted data in JMSSink in Apache Log4j 1.x

Risk 94

Severity

8.8

Zeroday

First published (updated )

CVE-2022-23302

qos logbackRCE from attacker with configuration edit priviledges through JNDI lookup

Risk 75

Severity

6.6

First published (updated )

CVE-2021-42550

Apache ChainsawJava deserialization in Chainsaw

Risk 88

Severity

9.8

First published (updated )

CVE-2020-9493

Oracle Retail Order Broker Cloud ServiceImproper validation of certificate with host mismatch in Apache Log4j SMTP appender prior to version…

Risk 24

Severity

3.7

First published (updated )

CVE-2020-9488

Oracle Utilities FrameworkAn XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML seria…

Risk 90

Severity

9.8

First published (updated )

CVE-2018-8088

redhat/logback-classicQOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerS…

Risk 86

Severity

9.8

First published (updated )

CVE-2017-5929

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Trending

Vendor Risk Score

Software

maven/ch.qos.logback:logback-coreLogback "receiver" DOS vulnerability CVE-2023-6378 incomplete fix

maven/ch.qos.logback:logback-classicLogback "receiver" DOS vulnerability

Apache Log4jA deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution.

Apache Log4jSQL injection in JDBC Appender in Apache Log4j V1

Apache Log4jDeserialization of untrusted data in JMSSink in Apache Log4j 1.x

Don't miss critical vulnerabilities

qos logbackRCE from attacker with configuration edit priviledges through JNDI lookup

Apache ChainsawJava deserialization in Chainsaw

Oracle Retail Order Broker Cloud ServiceImproper validation of certificate with host mismatch in Apache Log4j SMTP appender prior to version…

Oracle Utilities FrameworkAn XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML seria…

redhat/logback-classicQOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerS…

Don't miss critical vulnerabilities

Company

Resources

Contact