CVE-2021-4104
- EPSS 72.2%
- Veröffentlicht 14.12.2021 12:15:12
- Zuletzt bearbeitet 21.11.2024 06:36:54
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppen...
CVE-2016-2183
- EPSS 40.02%
- Veröffentlicht 01.09.2016 00:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birth...
CVE-2016-5387
- EPSS 77.5%
- Veröffentlicht 19.07.2016 02:00:19
- Zuletzt bearbeitet 12.04.2025 10:46:40
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an app...