Redhat » Enterprise Linux : Security Vulnerabilities, CVEs, Published In 2017 (Code Execution)
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
Max CVSS
9.8
EPSS Score
81.95%
Published
2017-04-17
Updated
2022-04-04
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
Max CVSS
8.8
EPSS Score
1.66%
Published
2017-02-13
Updated
2019-08-06
2 vulnerabilities found