
13 matches found

EUVD
added 2025/11/30 3:30 a.m. | 1 views

EUVD-2025-199918

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVSS 7.1 | AI score 6.2 | EPSS 0.00043
Exploits: 1 | References: 3
OSV
added 2025/11/30 3:15 a.m. | 1 views

CVE-2025-66422

Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVSS 4.3 | AI score 5.9
Exploits: 0 | References: 2
OSV
added 2025/11/30 3:15 a.m. | 3 views

UBUNTU-CVE-2025-66423

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVSS 7.1 | AI score 5.8 | EPSS 0.00043
Exploits: 1 | References: 4
Positive Technologies
added 2025/11/30 12:0 a.m. | 2 views

PT-2025-48378

Tryton sao aka tryton-sao before 7.6.11 allows XSS because it does not escape completion values. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.69...

CVSS 5.4 | AI score 6.3 | EPSS 0.00024
Exploits: 0 | References: 3
Vulnrichment
added 2025/11/30 12:0 a.m. | 1 views

CVE-2025-66423

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVSS 7.1 | AI score 6.1 | EPSS 0.00043
Exploits: 1 | References: 2
SUSE CVE
added 2023/02/15 5:39 a.m. | 1 views

SUSE CVE-2013-2071

java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other application...

CVSS 2.6 | AI score 6.2 | EPSS 0.08446
Exploits: 2 | References: 4
Prion
added 2022/12/19 9:15 a.m. | 18 views

Input validation

Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG OTRS Community Edition allows SQL Injection via TicketSearch Webservice This issue affects OTRS: from 7.0.1 before 7.0.40 Patch 1, from 8.0.1 before 8.0.28 Patch 1; OTRS Community Edition: from 6.0.1 through 6.0.34...

CVSS 7.5 | AI score 9.9 | EPSS 0.00465
Exploits: 0 | References: 2 | Affected Software: 1
OpenVAS
added 2021/10/19 12:0 a.m. | 25 views

Apache Tomcat Information Disclosure Vulnerability (May 2013) - Linux

Apache Tomcat is prone to an information disclosure vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

CVSS 2.6 | AI score 6 | EPSS 0.08446
Exploits: 2 | References: 1
RedHat Linux
added 2013/07/03 3:43 p.m. | 4 views

tomcat: Information disclosure in asynchronous context when using AsyncListeners that threw RuntimeExceptions

java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other application...

CVSS 2.6 | AI score 5.8 | EPSS 0.08446
Exploits: 2 | References: 4
NVD
added 2013/06/01 2:21 p.m. | 16 views

CVE-2013-2071

java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other application...

CVSS 2.6 | AI score 5.8 | EPSS 0.08446
Exploits: 2 | References: 14
Tenable Nessus
added 2013/05/22 12:0 a.m. | 33 views

Fedora 18 : tomcat-7.0.40-1.fc18 (2013-7993)

Updated to 7.0.40 - Resolves: rhbz 956569 added missing commons-pool link Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

CVSS 2.6 | AI score 5.3 | EPSS 0.08446
Exploits: 2 | References: 5
Tenable Nessus
added 2013/05/15 12:0 a.m. | 108 views

Apache Tomcat 7.0.0 < 7.0.40 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 7.0.40. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat7.0.40security-7 advisory. - java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not proper...

CVSS 6.8 | AI score 6.9 | EPSS 0.09487
Exploits: 2 | References: 6
securityvulns
added 2013/05/10 12:0 a.m. | 75 views

CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.39 Description: Bug 54178 described a scenario where elements of a previo...

CVSS 2.6 | AI score 0.7 | EPSS 0.08446
Exploits: 2