Apache Log4j StrSubstitutor Uncontrolled Recursion Denial-of-Service Vulnerability [CVE-2021-45105]

Please note that this vulnerability is not the main well known Log4j one, for further information on CVE-2021-44228 please click

Read more

Critical Apache Log4j remote code execution vulnerability [CVE-2021-44228]

A critical remote code execution vulnerability in Apache Foundation Log4j library has been discovered. This vulnerability has been dubbed Log4Shell.

Read more

Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 (CVE-2021-41773)

CVE number = CVE-2021-41773 A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49.

Read more

Path Traversal and Remote Code Execution in Apache HTTP Server (incomplete fix of CVE-2021-41773) (CVE-2021-42013)

It was discovered that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a

Read more

Apache Tomcat – Denial of service vulnerability [CVE-2021-42340]

CVE number – CVE-2021-42340 The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions

Read more

Apache Releases Security Update for Apache HTTP Server 2.4 [CVE-2021-41773]

CVE number – CVE-2021-41773 A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49.

Read more

Apache OpenOffice remote code execution flaw [CVE-2021-33035]

CVE number = CVE-2021-33035 Security researcher Eugene Lim (@spaceraccoonsec) has revealed technical details about a remote code execution flaw in

Read more

Apache NuttX vulnerable to integer wrap-arounds [CVE-2021-26461]

CVE number = CVE-2021-26461 Apache Nuttx (incubating) versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc

Read more

Apache SpamAssassin malicious rule configuration [CVE-2020-1946]

CVE number – CVE-2020-1946 Apache SpamAssassin 3.4.5 was recently released [1], and fixes an issue of security note where malicious

Read more

Apache Commons Beanutils PropertyUtilsBean Class Property Suppression Vulnerability [CVE-2019-10086]

CVE number – CVE-2019-10086 A vulnerability in Apache Commons Beanutils could allow an unauthenticated, remote attacker to perform unauthorized actions

Read more
%d bloggers like this: