Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Vulnerability List - Page 10

Clear Filters
Found 2886 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-40023 Apache Log4cxx, Apache Log4cxx (Conan), Apache Log4cxx (Brew): Silent log event loss in XMLLayout due to unescaped XML 1.0 forbidden characters Apache Software FoundationApache Log4cxx 中危 -2026-04-10 15:45:53 Deep Dive
CVE-2026-40021 Apache Log4net: Silent log event loss in XmlLayout and XmlLayoutSchemaLog4J due to unescaped XML 1.0 forbidden characters Apache Software FoundationApache Log4net 中危 -2026-04-10 15:44:17 Deep Dive
CVE-2026-34481 Apache Log4j JSON Template Layout: Improper serialization of non-finite floating-point values in JsonTemplateLayout Apache Software FoundationApache Log4j JSON Template Layout 中危 -2026-04-10 15:43:00 Deep Dive
CVE-2026-34480 Apache Log4j Core: Silent log event loss in XmlLayout due to unescaped XML 1.0 forbidden characters Apache Software FoundationApache Log4j Core--2026-04-10 15:42:04 Deep Dive
CVE-2026-34479 Apache Log4j 1 to Log4j 2 bridge: Silent log event loss in Log4j1XmlLayout due to unescaped XML 1.0 forbidden characters Apache Software FoundationApache Log4j 1 to Log4j 2 bridge--2026-04-10 15:41:08 Deep Dive
CVE-2026-34478 Apache Log4j Core: Log injection in Rfc5424Layout due to silent configuration incompatibility Apache Software FoundationApache Log4j Core--2026-04-10 15:40:18 Deep Dive
CVE-2026-34477 Apache Log4j Core: verifyHostName attribute silently ignored in TLS configuration, allowing hostname verification bypass Apache Software FoundationApache Log4j Core--2026-04-10 15:36:20 Deep Dive
CVE-2026-39304 Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Incorrect handling of TLSv1.3 KeyUpdate can be exploited to cause DoS via OOM Apache Software FoundationApache ActiveMQ Client 高危 -2026-04-10 10:54:04 Deep Dive
CVE-2026-34500 Apache Tomcat: OCSP checks sometimes soft-fail with FFM even when soft-fail is disabled Apache Software FoundationApache Tomcat--2026-04-09 19:36:53 Deep Dive
CVE-2026-34487 Apache Tomcat: Cloud membership for clustering component exposed the Kubernetes bearer token Apache Software FoundationApache Tomcat--2026-04-09 19:36:12 Deep Dive
CVE-2026-34486📌💣 Apache Tomcat: Fix for CVE-2026-29146 allowed bypass of EncryptInterceptor Apache Software FoundationApache Tomcat--2026-04-09 19:35:36 Deep Dive
CVE-2026-34483 Apache Tomcat: Incomplete escaping of JSON access logs Apache Software FoundationApache Tomcat--2026-04-09 19:30:29 Deep Dive
CVE-2026-32990 Apache Tomcat: Fix for CVE-2025-66614 is incomplete Apache Software FoundationApache Tomcat--2026-04-09 19:23:50 Deep Dive
CVE-2026-29146 Apache Tomcat: EncryptInterceptor vulnerable to padding oracle attack by default Apache Software FoundationApache Tomcat--2026-04-09 19:21:57 Deep Dive
CVE-2026-29145 Apache Tomcat, Apache Tomcat Native: OCSP checks sometimes soft-fail even when soft-fail is disabled Apache Software FoundationApache Tomcat--2026-04-09 19:20:25 Deep Dive
CVE-2026-29129 Apache Tomcat: TLS cipher order is not preserved Apache Software FoundationApache Tomcat--2026-04-09 19:19:41 Deep Dive
CVE-2026-25854📌 Apache Tomcat: Occasionally open redirect Apache Software FoundationApache Tomcat--2026-04-09 19:13:14 Deep Dive
CVE-2026-24880 Apache Tomcat: Request smuggling via invalid chunk extension Apache Software FoundationApache Tomcat--2026-04-09 19:12:11 Deep Dive
CVE-2026-40046 Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT: Missing fix for CVE-2025-66168: MQTT control packet remaining length field is not properly validated Apache Software FoundationApache ActiveMQ--2026-04-09 15:58:33 Deep Dive
CVE-2026-33005 Apache OpenMeetings: Insufficient checks in FileWebService Apache Software FoundationApache OpenMeetings--2026-04-09 15:52:51 Deep Dive