86 matches found
CVE-2026-13935 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-13935
creationtimestamp| type| source ---|---|--- 2026-07-01 21:05:27+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmgajevnu2r 2026-07-02 04:24:58+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpn6sgwjho2q 2026-07-02 07:46:28+00:00| seen|...
CVE-2026-13935
Side-channel information leakage in ComputePressure in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13935
Side-channel information leakage in ComputePressure in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CLSA-2026-1777446601 Fix CVE(s): CVE-2020-13935
SECURITY UPDATE: denial of service via crafted WebSocket frame with a 64-bit payload length whose most significant bit is set. The extended payload length read in WsFrameBase.processRemainingHeader was assembled into a Java long without validation. With bit 63 set the value became negative, which...
CVE-2025-13935
creationtimestamp| type| source ---|---|--- 2026-01-09 08:39:03+00:00| seen| https://gist.github.com/Darkcrai86/1d8ecec637077dffac37150d9237491d 2026-01-09 09:24:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mby6geav6r2m...
EUVD-2020-6524
Malware in sbrugna...
RockyLinux 9 : golang (RLSA-2025:13935)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:13935 advisory. cmd/go: Go VCS Command Execution Vulnerability CVE-2025-4674 Tenable has extracted the preceding description block directly from the RockyLinux security advisory...
Oracle Linux 9 : golang (ELSA-2025-13935)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-13935 advisory. 1.24.6-1 - Update to Go 1.24.6 fips-1 - Resolves: RHEL-106464 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Linux Distros Unpatched Vulnerability : CVE-2020-13935
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to...
BIT-TOMCAT-2020-13935
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 9.0.0 through 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service...
CVE-2019-13935
creationtimestamp| type| source ---|---|--- 2024-02-28 18:46:23+00:00| seen| https://t.me/ctinow/195751...
Important: Red Hat Security Advisory: java-17-openjdk security and bug fix update
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of...
CVE-2017-13935
Rejected reason: This candidate is unused by its CNA...
Oracle Linux 7 : tomcat (ELSA-2020-4004)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4004 advisory. - Resolves: CVE-2020-13935 tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS - Resolves: CVE-2020-9484 tomca...
Amazon Linux 2 : tomcat (ALAS-2023-2047)
The version of tomcat installed on the remote host is prior to 7.0.76-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2047 advisory. A privilege escalation flaw was found in Tomcat when the JMX Remote Lifecycle Listener was enabled. A local attacker...
Security Bulletin: Vulnerabilities in IBM Java and Apache Tomcat affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem V9000 products
Summary Multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition and Apache Tomcat affect the product's management GUI. The Command Line Interface is unaffected. Vulnerability Details CVEID:CVE-2020-2781 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java...
K45026834: Apache Tomcat vulnerability CVE-2020-13935
Security Advisory Description The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload...
SUSE CVE-2020-13935
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of...
RHEL 6 : Red Hat JBoss Enterprise Application Platform 6.4.24 (RHSA-2022:5459)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5459 advisory. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on the WildFly application runtime. This release o...