
39 matches found

EUVD
added 2025/11/10 4:40 a.m., 3 views

EUVD-2025-43980

Malicious code in gita-tiwul91-sukiwir npm...

AI score 6.6
Exploits 0
NVD
added 2025/08/05 5:15 p.m., 4 views

CVE-2025-43980

An issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN. They enable the SSH service by default with the credentials of root/admin. The GUI doesn't offer a way to disable the account...

CVSS 6.5, EPSS 0.00234
Exploits 0, References 2
Cvelist
added 2025/08/05 12:0 a.m., 9 views

CVE-2025-43980

An issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN. They enable the SSH service by default with the credentials of root/admin. The GUI doesn't offer a way to disable the account...

EPSS 0.00234
Exploits 0, References 2
Tenable Nessus
added 2025/03/05 12:0 a.m., 15 views

Linux Distros Unpatched Vulnerability : CVE-2021-43980

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing but extremel...

CVSS 3.7, AI score 6.7, EPSS 0.01746
Exploits 0, References 3
Patchstack
added 2024/08/28 12:0 a.m., 11 views

WordPress Fota WP Theme <= 1.4.1 is vulnerable to Broken Access Control

Software Fota WP Type Theme Vulnerable versions = 1.4.1 Fixed in 1.4.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43980 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID b10d5d19d02a Credits Fariq Fadillah Gusti Insani...

CVSS 9.8, AI score 6.3, EPSS 0.00505
Exploits 0, References 2, Affected Software 1
Tenable Nessus
added 2024/06/03 12:0 a.m., 22 views

RHEL 8 : pki-servlet-engine (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - Apache Tomcat: Information disclosure CVE-2021-43980 Note that Nessus has not tested for this issue but has instead...

CVSS 3.7, AI score 5.6, EPSS 0.01746
Exploits 0, References 1
Circl
added 2023/10/03 2:47 a.m., 5 views

CVE-2023-43980

creationtimestamp| type| source ---|---|--- 2023-10-03 02:47:23+00:00| seen| https://t.me/cibsecurity/71443...

CVSS 9.8, AI score 8.7, EPSS 0.00518
Exploits 0, References 1
Vulnrichment
added 2023/10/02 12:0 a.m., 10 views

CVE-2023-43980

Presto Changeo testsitecreator up to v1.1.1 was discovered to contain a SQL injection vulnerability via the component disablejson.php...

AI score 8.3, EPSS 0.00518
Exploits 0, References 2
CVE
added 2023/10/02 12:0 a.m., 65 views

CVE-2023-43980

CVE-2023-43980 describes a SQL injection vulnerability in the Presto Changeo testsitecreator up to version 1.1.1, caused by the component disable_json.php. The connected sources confirm the affected software and the vulnerable component, but do not provide details on exploit status, attack vecto...

CVSS 9.8, AI score 9.7, EPSS 0.00518
Exploits 0, References 2, Affected Software 1
Tenable Nessus
added 2023/09/27 12:0 a.m., 21 views

Amazon Linux 2 : tomcat, --advisory ALAS2TOMCAT9-2023-005 (ALASTOMCAT9-2023-005)

The version of tomcat installed on the remote host is prior to 9.0.65-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2TOMCAT9-2023-005 advisory. The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards...

CVSS 3.7, AI score 6.9, EPSS 0.01746
Exploits 0, References 4
Amazon
added 2023/09/25 12:0 a.m., 5 views

Low: tomcat

Issue Overview: The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing but extremely hard to trigger concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5...

CVSS 7.5, AI score 6.9, EPSS 0.01746
Exploits 0
Mageia
added 2023/04/15 7:3 p.m., 140 views

Updated tomcat packages fix security vulnerability

Information disclosure due to concurrency bug CVE-2021-43980 Fix for CVE-2020-9484 introduced a time of check, time of use vulnerability CVE-2022-23181 Correct documentation to warn of use over untrusted networks. CVE-2022-29885 Correct documentation showing use of XSS vulnerability. CVE-2022-343...

CVSS 7.5, AI score 6.7, EPSS 0.71653
Exploits 21, References 12
Cvelist
added 2023/01/27 12:0 a.m., 25 views

CVE-2022-43980 Cross-site scripting vulnerability in the network maps edit functionality

There is a stored cross-site scripting vulnerability in Pandora FMS v765 in the network maps editing functionality. An attacker could modify a network map, including on purpose the name of an XSS payload. Once created, if a user with admin privileges clicks on the edited network maps, the XSS...

CVSS 5.2, AI score 5.2, EPSS 0.0028
Exploits 0, References 2
IBM Security Bulletins
added 2022/12/20 7:7 a.m., 27 views

Security Bulletin: IBM UrbanCode Build is affected by CVE-2021-43980

Summary IBM UrbanCode Build is affected by CVE-2021-43980 Vulnerability Details CVEID:CVE-2021-43980 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by a long standing concurrency flaw in the simplified implementation of blocking reads and writes. ...

CVSS 3.7, AI score 5.3, EPSS 0.01746
Exploits 0, Affected Software 1
IBM Security Bulletins
added 2022/11/30 10:25 a.m., 29 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Tomcat

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Apache Tomcat. Vulnerability Details CVEID:CVE-2021-43980 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by a long standing concurrency flaw in the simplified...

CVSS 3.7, AI score 5.3, EPSS 0.01746
Exploits 0, Affected Software 1
Tenable Nessus
added 2022/11/29 12:0 a.m., 59 views

SUSE SLES15: tomcat / tomcat-admin-webapps / tomcat-el-3_0-api / etc (SUSE-SU-2022:4257-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4257-1 advisory. - CVE-2021-43980: Fixed information disclosure due to concurrency issues in Http11Processor bsc1203868. - CVE-2022-42252: Fixed a...

CVSS 7.5, AI score 6.8, EPSS 0.01746
Exploits 0, References 7
OpenVAS
added 2022/11/29 12:0 a.m., 25 views

SUSE: Security Advisory (SUSE-SU-2022:4257-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 7.7, EPSS 0.01746
Exploits 0, References 5
OpenVAS
added 2022/11/28 12:0 a.m., 23 views

SUSE: Security Advisory (SUSE-SU-2022:4221-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 7.7, EPSS 0.01746
Exploits 0, References 5
Tenable Nessus
added 2022/11/26 12:0 a.m., 44 views

SUSE SLES15: tomcat / tomcat-admin-webapps / tomcat-el-3_0-api / etc (SUSE-SU-2022:4221-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4221-1 advisory. - CVE-2021-43980: Improve the recycling of Processor objects to make it more robust. bsc1203868 - CVE-2022-42252: Fixed a request...

CVSS 7.5, AI score 6.8, EPSS 0.01746
Exploits 0, References 7
OpenVAS
added 2022/11/17 12:0 a.m., 22 views

SUSE: Security Advisory (SUSE-SU-2022:4009-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 3.7, AI score 7.4, EPSS 0.01746
Exploits 0, References 4