
6 matches found

OSV
added 2026/05/12 6:30 p.m. · 7 views

GHSA-FV25-8XCX-GQJC Apache Tomcat - WebSocket authentication header exposure

Versions Affected: Apache Tomcat 11.0.0-M1 to 11.0.21; Apache Tomcat 10.1.0-M1 to 10.1.54; Apache Tomcat 9.0.2 to 9.0.117. Older, unsupported versions may also be affected. Description: If a WebSocket request was redirected after authentication, Tomcat's WebSocket client would present the most recent...

CVSS 7.3 · AI score 5.8 · EPSS 0.00548
Exploits 0 · References 10
IBM Security Bulletins
added 2026/04/17 6:45 p.m. · 6 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of yaml JavaScript library

Summary: Due to use of the yaml JavaScript library, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service (DoS) vulnerability. Vulnerability Details: CVEID: CVE-2026-33532. DESCRIPTION: yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document...

CVSS 4.3 · AI score 5.9 · EPSS 0.00469
Exploits 1 · Affected Software 1
IBM Security Bulletins
added 2026/04/07 3:38 p.m. · 4 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the DOMPurify library

Summary: Due to the use of the DOMPurify library, DevOps Test Performance and Rational Performance Tester contain a cross-site scripting (XSS) vulnerability (CVE-2025-15599, CVE-2026-0540). Vulnerability Details: CVEID: CVE-2025-15599. DESCRIPTION: DOMPurify 3.1.3 through 3.2.6 and 2.5.3 through 2.5.8...

CVSS 6.1 · AI score 5.9 · EPSS 0.0034
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2026/02/10 6:50 a.m. · 10 views

Security Bulletin: IBM Event Endpoint Management is vulnerable to command injection vulnerability (CVE-2025-64756)

Summary: IBM Event Endpoint Management is vulnerable to command injection vulnerability due to Glob matches files. Vulnerability Details: CVEID: CVE-2025-64756. DESCRIPTION: Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob...

CVSS 7.5 · AI score 6.4 · EPSS 0.03026
Exploits 1 · Affected Software 1
Github Security Blog
added 2025/08/13 3:30 p.m. · 6 views

Apache Tomcat Session Fixation vulnerability

Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.8, 10.1.42 ...

CVSS 6.5 · AI score 7.1 · EPSS 0.00775
Exploits 0 · References 10 · Affected Software 2
Positive Technologies
added 2019/09/17 12:0 a.m. · 3 views

PT-2019-16954 · Ibm · Ibm Cognos Analytics

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.0 through 11.1. Description: The issue allows a remote user to send specially crafted requests that could consume all available CPU and memory resources, resulting in a denial of service attack. Recommendations...

CVSS 7.8 · AI score 5.8 · EPSS 0.03518
Exploits 0 · References 4