Communications unified inventory management

This hub aggregates every CVE we track for Communications unified inventory management, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Communications unified inventory management.

• CVE-2022-22965A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a W...KEV9.8Apr 1, 2022
• CVE-2022-23632Traefik skips the router TLS configuration when the host header is an FQDN7.4Feb 17, 2022
• CVE-2022-23307A deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution.8.8Jan 18, 2022
• CVE-2022-23305SQL injection in JDBC Appender in Apache Log4j V19.8Jan 18, 2022
• CVE-2022-23302Deserialization of untrusted data in JMSSink in Apache Log4j 1.x8.8Jan 18, 2022
• CVE-2021-45105Apache Log4j2 does not always protect from infinite recursion in lookup evaluation5.9Dec 18, 2021
• CVE-2021-4104Deserialization of untrusted data in JMSAppender in Apache Log4j 1.27.5Dec 14, 2021
• CVE-2021-39150A Server-Side Forgery Request vulnerability in XStream via PriorityQueue unmarshaling8.5Aug 23, 2021
• CVE-2021-39152A Server-Side Forgery Request vulnerability in XStream via HashMap unmarshaling8.5Aug 23, 2021
• CVE-2021-39140XStream can cause a Denial of Service6.5Aug 23, 2021
• CVE-2021-39149XStream is vulnerable to an Arbitrary Code Execution attack8.5Aug 23, 2021
• CVE-2021-39148XStream is vulnerable to an Arbitrary Code Execution attack8.5Aug 23, 2021
• CVE-2021-39147XStream is vulnerable to an Arbitrary Code Execution attack8.5Aug 23, 2021
• CVE-2021-39146XStream is vulnerable to an Arbitrary Code Execution attack8.5Aug 23, 2021
• CVE-2021-39145XStream is vulnerable to an Arbitrary Code Execution attack8.5Aug 23, 2021