Lucene search
+L

86 matches found

cgr
cgr
added 2026/07/09 8:31 p.m.5 views

CVE-2026-13935 vulnerabilities

Vulnerabilities for packages: chromium...

6.5CVSS5.9AI score0.00299EPSS
Exploits0
circl
circl
added 2026/07/01 9:5 p.m.7 views

CVE-2026-13935

creationtimestamp| type| source ---|---|--- 2026-07-01 21:05:27+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmgajevnu2r 2026-07-02 04:24:58+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpn6sgwjho2q 2026-07-02 07:46:28+00:00| seen|...

6.5CVSS5.9AI score0.00299EPSS
Exploits0References4
nvd
nvd
added 2026/06/30 11:17 p.m.6 views

CVE-2026-13935

Side-channel information leakage in ComputePressure in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00299EPSS
Exploits0References2
debiancve
debiancve
added 2026/06/30 10:38 p.m.7 views

CVE-2026-13935

Side-channel information leakage in ComputePressure in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00299EPSS
Exploits0
osv
osv
added 2026/04/29 7:10 a.m.9 views

CLSA-2026-1777446601 Fix CVE(s): CVE-2020-13935

SECURITY UPDATE: denial of service via crafted WebSocket frame with a 64-bit payload length whose most significant bit is set. The extended payload length read in WsFrameBase.processRemainingHeader was assembled into a Java long without validation. With bit 63 set the value became negative, which...

7.5CVSS6.8AI score0.87553EPSS
Exploits1References1
circl
circl
added 2026/01/09 8:39 a.m.6 views

CVE-2025-13935

creationtimestamp| type| source ---|---|--- 2026-01-09 08:39:03+00:00| seen| https://gist.github.com/Darkcrai86/1d8ecec637077dffac37150d9237491d 2026-01-09 09:24:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mby6geav6r2m...

4.3CVSS5.8AI score0.00202EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-6524

Malware in sbrugna...

7.5CVSS7.4AI score0.01356EPSS
Exploits0References7
nessus
nessus
added 2025/10/04 12:0 a.m.4 views

RockyLinux 9 : golang (RLSA-2025:13935)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:13935 advisory. cmd/go: Go VCS Command Execution Vulnerability CVE-2025-4674 Tenable has extracted the preceding description block directly from the RockyLinux security advisory...

8.6CVSS7.3AI score0.00273EPSS
Exploits0References3
nessus
nessus
added 2025/08/18 12:0 a.m.5 views

Oracle Linux 9 : golang (ELSA-2025-13935)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-13935 advisory. 1.24.6-1 - Update to Go 1.24.6 fips-1 - Resolves: RHEL-106464 Tenable has extracted the preceding description block directly from the Oracle Linux security...

8.6CVSS7.3AI score0.00273EPSS
Exploits0References2
nessus
nessus
added 2025/03/04 12:0 a.m.23 views

Linux Distros Unpatched Vulnerability : CVE-2020-13935

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to...

7.5CVSS6.8AI score0.87553EPSS
Exploits1References3
osv
osv
added 2024/03/06 11:11 a.m.204 views

BIT-TOMCAT-2020-13935

The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 9.0.0 through 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service...

7.5CVSS6.7AI score0.87553EPSS
Exploits1References18
circl
circl
added 2024/02/28 6:46 p.m.8 views

CVE-2019-13935

creationtimestamp| type| source ---|---|--- 2024-02-28 18:46:23+00:00| seen| https://t.me/ctinow/195751...

5.4CVSS5.5AI score0.00521EPSS
Exploits0References1
redhat
redhat
added 2024/01/17 7:14 p.m.70 views

Important: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of...

7.5CVSS6.9AI score0.00918EPSS
Exploits0References7
nvd
nvd
added 2023/09/14 7:15 p.m.11 views

CVE-2017-13935

Rejected reason: This candidate is unused by its CNA...

6.6AI score
Exploits0
nessus
nessus
added 2023/09/07 12:0 a.m.56 views

Oracle Linux 7 : tomcat (ELSA-2020-4004)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4004 advisory. - Resolves: CVE-2020-13935 tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS - Resolves: CVE-2020-9484 tomca...

7.5CVSS7.4AI score0.87553EPSS
Exploits17References3
nessus
nessus
added 2023/05/17 12:0 a.m.66 views

Amazon Linux 2 : tomcat (ALAS-2023-2047)

The version of tomcat installed on the remote host is prior to 7.0.76-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2047 advisory. A privilege escalation flaw was found in Tomcat when the JMX Remote Lifecycle Listener was enabled. A local attacker...

7.5CVSS7AI score0.87553EPSS
Exploits1References8
ibm
ibm
added 2023/03/29 1:48 a.m.65 views

Security Bulletin: Vulnerabilities in IBM Java and Apache Tomcat affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem V9000 products

Summary Multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition and Apache Tomcat affect the product's management GUI. The Command Line Interface is unaffected. Vulnerability Details CVEID:CVE-2020-2781 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java...

7.5CVSS7.6AI score0.87553EPSS
Exploits1Affected Software2
f5
f5
added 2023/02/21 7:56 p.m.58 views

K45026834: Apache Tomcat vulnerability CVE-2020-13935

Security Advisory Description The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload...

7.5CVSS7.6AI score0.87553EPSS
Exploits1Affected Software1
susecve
susecve
added 2023/02/15 3:58 a.m.10 views

SUSE CVE-2020-13935

The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of...

7.5CVSS6.8AI score0.87553EPSS
Exploits1References11
nessus
nessus
added 2022/07/01 12:0 a.m.88 views

RHEL 6 : Red Hat JBoss Enterprise Application Platform 6.4.24 (RHSA-2022:5459)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5459 advisory. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS8.7AI score0.87553EPSS
Exploits11References19
Rows per page
Query Builder