|Max CVSS||7.5||Min CVSS||5.0||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
|24-04-2017 - 20:32||17-04-2017 - 17:59|
Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request
|16-03-2014 - 00:11||10-02-2011 - 13:00|