
21 matches found

Nuclei
added yesterday, 36 views

ECOA Building Automation System - Arbitrary File Retrieval

The ECOA BAS controller suffers from an arbitrary file disclosure vulnerability. Using the 'fname' POST parameter in viewlog.jsp, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information. id: CVE-2021-41293 info: name: ECOA Building Automation...

CVSS 7.5, AI score 7.2, EPSS 0.20084
Exploits 1, References 5
OSV
added 2026/06/24 1:58 p.m., 13 views

ROOT-APP-MAVEN-CVE-2026-41293 CVE-2026-41293 in io.root.org.apache.tomcat.embed:tomcat-embed-core - Patched by Root

Root has patched CVE-2026-41293 in the io.root.org.apache.tomcat.embed:tomcat-embed-core package for Root:Maven. Multiple fixed versions available...

CVSS 9.8, AI score 5.8, EPSS 0.01339
Exploits 0
Tenable Nessus
added 2026/06/14 12:0 a.m., 7 views

SUSE SLES12 Security Update : tomcat (SUSE-SU-2026:2299-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2299-1 advisory. This update for tomcat fixes the following issues Update to Tomcat 9.0.118: - CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handli...

CVSS 9.8, AI score 6.7, EPSS 0.01339
Exploits 2, References 22
SUSE Linux
added 2026/06/08 10:55 a.m., 9 views

Security update for tomcat

This update for tomcat fixes the following issues Update to Tomcat 9.0.118: CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. CVE-2026-42498: WebSocket authentication header exposure bsc1265165...

CVSS 8.7, AI score 5.7, EPSS 0.01339
Exploits 2, References 28
OSV
added 2026/06/08 10:55 a.m., 9 views

SUSE-SU-2026:2299-1 Security update for tomcat

This update for tomcat fixes the following issues Update to Tomcat 9.0.118: - CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. - CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. - CVE-2026-42498: WebSocket authentication header exposure bsc1265165. -...

CVSS 9.8, AI score 5.7, EPSS 0.01339
Exploits 2, References 15
OPENSUSE Linux
added 2026/06/05 12:0 a.m., 6 views

tomcat11-11.0.22-1.1 on GA media (moderate)

tomcat11-11.0.22-1.1 on GA media Announcement ID: openSUSE-SU-2026:10927-1 Rating: moderate Cross-References: CVE-2026-41284 CVE-2026-41293 CVE-2026-42498 CVE-2026-43512 CVE-2026-43513 CVE-2026-43514 CVE-2026-43515 CVSS scores: CVE-2026-41284 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:...

CVSS 8.7, AI score 6.5, EPSS 0.01339
Exploits 2
OPENSUSE Linux
added 2026/06/05 12:0 a.m., 5 views

tomcat10-10.1.55-1.1 on GA media (moderate)

tomcat10-10.1.55-1.1 on GA media Announcement ID: openSUSE-SU-2026:10926-1 Rating: moderate Cross-References: CVE-2026-41284 CVE-2026-41293 CVE-2026-42498 CVE-2026-43512 CVE-2026-43513 CVE-2026-43514 CVE-2026-43515 CVSS scores: CVE-2026-41284 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:...

CVSS 8.7, AI score 6.5, EPSS 0.01339
Exploits 2
Chainguard
added 2026/05/20 1:18 a.m., 20 views

CVE-2026-41293 vulnerabilities

Vulnerabilities for packages: nacos-docker, nacos, ontop, ontop-fips, camunda-zeebe, kayenta-fips, camunda, thingsboard, kayenta...

CVSS 9.8, AI score 7.3, EPSS 0.01339
Exploits 0
Tenable Nessus
added 2026/05/13 12:0 a.m., 10 views

Linux Distros Unpatched Vulnerability : CVE-2026-41293

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from...

CVSS 9.8, AI score 7.2, EPSS 0.01339
Exploits 0, References 2
vulnersOsv
added 2026/05/12 5:22 p.m., 7 views

geronimo:geronimo-tomcat (>=1.0 <=1.1.1), geronimo:geronimo-tomcat-builder (>=1.0 <=1.1.1) +17 more potentially affected by CVE-2026-41293 via tomcat:tomcat-coyote (>=5.5.15 <=5.5.9)

tomcat:tomcat-coyote MAVEN version =5.5.15, =1.0, =1.0, =1.1.1 - geronimo:tomcat =1.0 - org.apache.geronimo.assemblies:geronimo-tomcat-minimal =1.2-beta - org.apache.geronimo.configs:ca-helper-tomcat =1.2-beta - org.apache.geronimo.configs:dojo-tomcat =1.2-beta -...

CVSS 9.8, AI score 5.8, EPSS 0.01339
Exploits 0
vulnersOsv
added 2026/05/12 5:22 p.m., 11 views

br.com.arsmachina:tapestry-url-rewriter (>=1.0.1 <=2.0.0), com.butor:butor-mule (>=1.0.3 <=1.0.18) +167 more potentially affected by CVE-2026-41293 via org.apache.tomcat:coyote (>=6.0.13 <=6.0.53)

org.apache.tomcat:coyote MAVEN version =6.0.13, =1.0.1, =1.0.3, =1.5, =1.8.2, =1.40, =1.40, =1.40, =2.3.0, =2.3.0, =1.0.b1, =20250815, =20260429 and more Source cves: CVE-2026-41293 Source advisory: SNYK:JAVA-ORGAPACHETOMCAT-16691219...

CVSS 9.8, AI score 7.7, EPSS 0.01339
Exploits 0
Circl
added 2026/05/12 5:15 p.m., 17 views

CVE-2026-41293

creationtimestamp| type| source ---|---|--- 2026-05-12 17:15:01+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mloc2ajsvu2j...

CVSS 9.8, AI score 5.8, EPSS 0.01339
Exploits 0, References 1
UbuntuCve
added 2026/05/12 4:16 p.m., 11 views

CVE-2026-41293

Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 10.0.0-M1 through 10.0.27. Older, end of support versions may also be affected. Users are recommended to...

CVSS 9.8, AI score 5.7, EPSS 0.01339
Exploits 0, References 1
OSV
added 2026/05/12 4:16 p.m., 5 views

UBUNTU-CVE-2026-41293

Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 10.0.0-M1 through 10.0.27. Older, end of support versions may also be affected. Users are recommended to...

CVSS 9.8, AI score 5.7, EPSS 0.01339
Exploits 0, References 4
Circl
added 2023/09/25 4:39 p.m., 9 views

CVE-2023-41293

creationtimestamp| type| source ---|---|--- 2023-09-25 16:39:16+00:00| seen| https://t.me/cibsecurity/70985...

CVSS 7.5, AI score 7.3, EPSS 0.00337
Exploits 0, References 1
Cvelist
added 2023/09/25 12:18 p.m., 27 views

CVE-2023-41293

Data security classification vulnerability in the DDMP module. Successful exploitation of this vulnerability may affect confidentiality...

AI score 7.7, EPSS 0.00337
Exploits 0, References 2
CVE
added 2023/09/25 12:18 p.m., 79 views

CVE-2023-41293

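A vulnerability in the data security classification layer has been reported in the Huawei HarmonyOS DDMP module. CVE-2023-41293 can be exploited remotely because of missing access control in the DDMP module, and the confirmed impact is a loss of confidentiality. According to the NVD metrics, the attack vector is network, the attack complexity is low, no privileges are required, and no user interaction is required. A high impact on confidentiality is confirmed, but the documentation provides no specific exploit code or real-world attack information. Patched versions or specific fixes are explicitly...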

CVSS 7.5, AI score 7.5, EPSS 0.00337
Exploits 0, References 2, Affected Software 2
CVE
added 2022/10/11 8:7 p.m., 35 views

CVE-2022-41293

Summary: IBM Robotic Process Automation (RPA) is vulnerable to insufficient protection of credentials created in the control center (CVE-2022-41293). The vulnerability affects IBM RPA for Cloud Pak (< 21.0.3), IBM RPA as a Service (< 21.0.3), and IBM RPA (

AI score 7.2
Exploits 0
Circl
added 2021/09/30 2:37 p.m., 64 views

CVE-2021-41293

creationtimestamp| type| source ---|---|--- 2021-09-30 14:37:58+00:00| seen| https://t.me/cibsecurity/29708 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-41293.yaml 2025-01-26 00:00:00+00:00| seen| The Shadowserver...

CVSS 7.5, AI score 7.1, EPSS 0.20084
In wild, Exploits 1, References 5
NVD
added 2021/09/30 11:15 a.m., 15 views

CVE-2021-41293

ECOA BAS controller suffers from a path traversal vulnerability, causing arbitrary files disclosure. Using the specific POST parameter, unauthenticated attackers can remotely disclose arbitrary files on the affected device and disclose sensitive and system information...

CVSS 7.5, EPSS 0.20084
Exploits 1, References 1