📦 Communications Messaging Server

CVE-2022-23305 is an SQL injection vulnerability in Log4j 1.2.x's JDBCAppender that allows attackers to execute arbitrary SQL queries by injecting malicious strings into application inputs that get lo...

CVE-2021-4104 is a deserialization vulnerability in Log4j 1.2's JMSAppender that allows remote code execution when attackers can modify Log4j configuration files. This affects systems running Log4j 1....

CVE-2021-35515 is a denial-of-service vulnerability in Apache Commons Compress's 7Z archive handling. When processing a specially crafted 7Z file, the codec list construction can enter an infinite loo...

CVE-2021-35517 is a denial-of-service vulnerability in Apache Commons Compress where specially crafted TAR archives can trigger excessive memory allocation, leading to out-of-memory errors. This affec...

A denial-of-service vulnerability in Apache CXF's JsonMapObjectReaderWriter allows attackers to send specially crafted JSON payloads to web services, causing infinite loops that consume 100% CPU on af...