Kingkk

**Name of the Vulnerable Software and Affected Versions** Apache Log4j versions 1.2.x Apache Log4j (affected versions not specified) **Description** The issue is related to the restoration of untrusted data in memory, which can allow a remote attacker to execute arbitrary code. It is also identified as a deserialization issue that was present in Apache Chainsaw, a component of Apache Log4j 1.2.x. **Recommendations** For Apache Log4j versions 1.2.x, migrate from `log4j:log4j` to `org.apache.logging.log4j:log4j` for an updated version of the library. At the moment, there is no information about a newer version that contains a fix for this vulnerability in other affected versions.

**Name of the Vulnerable Software and Affected Versions** Apache Chainsaw versions prior to 2.1.0 **Description** The issue is related to a deserialization flaw in the software, which could allow a remote attacker to execute arbitrary code. **Recommendations** For Apache Chainsaw versions prior to 2.1.0, update to version 2.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Oracle Coherence versions 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0 **Description** The issue is related to insufficient access controls in the CacheStore component of Oracle Coherence, allowing a remote attacker to cause a denial of service. Successful exploitation can result in the ability to cause a hang or frequently repeatable crash of Oracle Coherence. **Recommendations** For versions 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0, consider restricting network access via HTTP to the CacheStore component until a patch is available. As a temporary workaround, consider disabling the CacheStore component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle WebLogic Server versions 12.2.1.3.0 through 12.2.1.4.0 Oracle WebLogic Server version 14.1.1.0.0 **Description** The issue is related to insufficient input validation in the Core component of Oracle WebLogic Server, allowing an unauthenticated attacker with network access via IIOP, T3 to compromise the server. Successful attacks can result in the takeover of Oracle WebLogic Server, impacting confidentiality, integrity, and availability. **Recommendations** For Oracle WebLogic Server versions 12.2.1.3.0 and 12.2.1.4.0, update to a version that includes the fix for this issue. For Oracle WebLogic Server version 14.1.1.0.0, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the IIOP and T3 protocols to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MySQL Server versions 8.0.20 and prior **Description** The issue is related to insufficient input validation in the Server: Security: Roles component of MySQL Server, allowing a remote attacker to gain access to modify, add, or delete data and cause a denial of service. Successful attacks can result in unauthorized ability to cause a hang or frequently repeatable crash of MySQL Server, as well as unauthorized update, insert, or delete access to some of MySQL Server's accessible data. **Recommendations** For versions 8.0.20 and prior, update to a version that includes the fix for this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ThinkPHP version 3.2.4 **Description** The issue is related to SQL Injection via the `count` parameter. This occurs because the `parseKey` function in the `Library/Think/Db/Driver/Mysql.class.php` file mishandles the `key` variable. It is noted that a backquote character is not required in the attack URI. **Recommendations** For ThinkPHP version 3.2.4, consider restricting access to the `count` parameter to minimize the risk of SQL Injection until a patch is available. As a temporary workaround, avoid using the `parseKey` function in the `Library/Think/Db/Driver/Mysql.class.php` file until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** ThinkPHP version 5.1.25 **Description** The issue is related to SQL Injection via the `count` parameter. This occurs because the library/think/db/Query.php aggregate function mishandles the aggregate variable. The attack requires a backquote character in the attack URI. **Recommendations** For ThinkPHP version 5.1.25, consider restricting access to the `count` parameter in the affected API endpoint until a patch is available. As a temporary workaround, avoid using the `count` parameter in queries to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.