CVE-2021-4104 – Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2
https://notcve.org/view.php?id=CVE-2021-4104
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228. Note this issue only affects Log4j 1.2 when specifically configured to use JMSAppender, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. • http://www.openwall.com/lists/oss-security/2022/01/18/3 https://access.redhat.com/security/cve/CVE-2021-4104 https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0033 https://security.gentoo.org/glsa/202209-02 https://security.gentoo.org/glsa/202310-16 https://security.gentoo.org/glsa/202312-02 https://security.gentoo.org/glsa/202312-04 https://security.netapp.com/advisory/ntap-20211223-0007 https • CWE-20: Improper Input Validation CWE-502: Deserialization of Untrusted Data •
CVE-2021-2137
https://notcve.org/view.php?id=CVE-2021-2137
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Policy Framework). Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in takeover of Enterprise Manager Base Platform. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). • https://www.oracle.com/security-alerts/cpuoct2021.html •
CVE-2021-36160 – mod_proxy_uwsgi out of bound read
https://notcve.org/view.php?id=CVE-2021-36160
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive). Una uri-path de petición cuidadosamente diseñada puede causar que la función mod_proxy_uwsgi lea por encima de la memoria asignada y se bloquee (DoS). Este problema afecta a Apache HTTP Server versiones 2.4.30 a 2.4.48 (incluyéndola) An out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticated attacker to crash the service through a crafted request. The highest threat from this vulnerability is to system availability. • http://httpd.apache.org/security/vulnerabilities_24.html https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E https://lists.apache.org/thread.html/r73260f6ba9fb52e43d860905fc90462ba5a814afda2d011f32bbd41c%40%3Cbugs.httpd.apache.org%3E https://lists.apache • CWE-125: Out-of-bounds Read •
CVE-2021-34798 – NULL pointer dereference in httpd core
https://notcve.org/view.php?id=CVE-2021-34798
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. Unas peticiones malformadas pueden causar que el servidor haga desreferencia a un puntero NULL. Este problema afecta a Apache HTTP Server versiones 2.4.48 y anteriores A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability. • http://httpd.apache.org/security/vulnerabilities_24.html https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf https://kc.mcafee.com/corporate/index?page=content&id=SB10379 https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E • CWE-476: NULL Pointer Dereference •
CVE-2021-2351 – Oracle Database Weak NNE Integrity Key Derivation
https://notcve.org/view.php?id=CVE-2021-2351
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Advanced Networking Option, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Advanced Networking Option. • http://packetstormsecurity.com/files/165255/Oracle-Database-Protection-Mechanism-Bypass.html http://packetstormsecurity.com/files/165258/Oracle-Database-Weak-NNE-Integrity-Key-Derivation.html http://seclists.org/fulldisclosure/2021/Dec/19 http://seclists.org/fulldisclosure/2021/Dec/20 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujan2023.html https://www.oracle.com/security-alerts/cpujul2021.html https: • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-384: Session Fixation •