📦 Communications Unified Inventory Management

CVE-2022-23305 is an SQL injection vulnerability in Log4j 1.2.x's JDBCAppender that allows attackers to execute arbitrary SQL queries by injecting malicious strings into application inputs that get lo...

Traefik versions before 2.6.1 incorrectly handle TLS configuration when requests use fully qualified domain names (FQDNs) in the Host header, potentially causing the wrong TLS certificate to be used. ...

CVE-2021-4104 is a deserialization vulnerability in Log4j 1.2's JMSAppender that allows remote code execution when attackers can modify Log4j configuration files. This affects systems running Log4j 1....

CVE-2021-39150 is a deserialization vulnerability in XStream library that allows remote attackers to access internal resources by manipulating XML input streams. Only affects users who rely on XStream...

CVE-2021-39154 is a remote code execution vulnerability in XStream library that allows attackers to execute arbitrary code by manipulating XML input streams. Only users who haven't implemented XStream...

CVE-2021-39144 is a remote code execution vulnerability in XStream library versions before 1.4.18. Attackers with sufficient privileges can execute arbitrary commands on the host by manipulating XML i...

CVE-2021-39146 is a remote code execution vulnerability in XStream library that allows attackers to execute arbitrary code by manipulating XML input streams. Only users who haven't implemented XStream...

CVE-2021-39148 is a remote code execution vulnerability in XStream library that allows attackers to execute arbitrary code by manipulating XML input streams. Only users who haven't implemented XStream...

CVE-2021-39151 is a remote code execution vulnerability in XStream library versions before 1.4.18. Attackers can manipulate XML input to execute arbitrary code on affected systems. Only users who have...

CVE-2021-39139 is a remote code execution vulnerability in XStream library that allows attackers to execute arbitrary code by manipulating XML input streams. Users are affected if they use XStream out...

This vulnerability allows a locally authenticated malicious user to escalate privileges in Spring Framework WebFlux applications by manipulating temporary storage directories. Attackers can read or mo...

CVE-2021-21341 is a denial-of-service vulnerability in XStream library where specially crafted XML input can cause 100% CPU consumption on target systems. Only users who haven't implemented XStream's ...