Lucene search
K

25 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:51 a.m.79 views

Security Bulletin: IBM UrbanCode Build 6.1.7.10 addresses multiple vulnerabilities.

Summary Security Bulletin: IBM UrbanCode Build 6.1.7.10 addresses multiple vulnerabilities, listed in multiple CVEs CVE-2023-34981, CVE-2022-1471, CVE-2022-4065, CVE-2021-23450, CVE-2021-23450, CVE-2022-40151, CVE-2022-41966, CVE-2023-41080, CVE-2022-48285, CBE-2020-11971, CVE-2023-28709,...

9.8CVSS9.9AI score0.99615EPSS
Exploits13Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.13 views

Photon OS 4.0: Apache PHSA-2023-4.0-0466

An update of the apache package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0466. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.5CVSS7.8AI score0.01116EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/30 6:51 p.m.30 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to sensitive information exposure in Apache Tomcat [CVE-2023-34981]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to sensitive information exposure in Apache Tomcat, caused by a flaw when a response did not have any HTTP headers set CVE-2023-34981. Apache Tomcat is a component used by our Speech microservices. This...

7.5CVSS7.2AI score0.01116EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/24 7:1 p.m.93 views

Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-34981 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain...

9.8CVSS9.9AI score0.76768EPSS
Exploits20Affected Software1
NCSC
NCSC
added 2023/10/19 12:0 a.m.3 views

Vulnerability fixed in Oracle Supply Chain

Oracle has fixed a vulnerability in Agile PLM. A malicious party could exploit the vulnerability to gain sensitive information or full access to all data accessible to Oracle Agile PLM accessible data. Oracle has fixed the vulnerability in the following product: - Oracle Agile PLM...

7.5CVSS7.2AI score0.01116EPSS
Exploits0
NCSC
NCSC
added 2023/10/19 12:0 a.m.58 views

Vulnerabilities fixed in Oracle Communications Applications

Vulnerabilities have been fixed in Oracle Communications Applications products. A malicious party could exploit them to carry out attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Access to sensitive data Acce...

9.8CVSS7.7AI score0.76768EPSS
Exploits41
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/09 10:45 a.m.33 views

Security Bulletin: Vulnerability in Apache Tomcat affects IBM Process Mining . CVE-2023-34981

Summary There is a vulnerability in Apache Tomcat that could allow a remote attacker to obtain sensitive information. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2023-34981 DESCRIPTION:...

7.5CVSS7.4AI score0.01116EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/24 9:23 a.m.38 views

Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities

Summary IBM Data Risk Manager IDRM 2.0.6.17, which is the only supported version, is affected by multiple vulnerabilities. The vulnerabilities have been addressed in the updated version of IDRM 2.0.6.18. Please see the remediation steps below to apply the fix. All customers are encouraged to act...

9.8CVSS9.7AI score0.51547EPSS
Exploits5Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/07/12 12:0 a.m.42 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.6.2.7)

The version of AOS installed on the remote host is prior to 6.6.2.7. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.6.2.7 advisory. - A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, if a response did n...

7.5CVSS6.7AI score0.46836EPSS
Exploits1References4
Atlassian
Atlassian
added 2023/06/26 7:32 a.m.53 views

Upgrade Tomcat to fix CVE-2023-34981

h3. Issue Summary Apache Tomcat should be upgraded to 9.0.75+ or a later version to fix CVE-2023-34981|https://nvd.nist.gov/vuln/detail/CVE-2023-34981 panel:bgColor=e3fcef Bamboo is not vulnerable to this issue as it does not bundle Apache Tomcat 9.0.74 on any of its releases. This is an...

7.5CVSS7.4AI score0.01116EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/06/23 1:45 a.m.4 views

SUSE CVE-2023-34981

A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, if a response did not include any HTTP headers no AJP SENDHEADERS messare woudl be sent for the response which in turn meant that at least one AJP proxy modproxyajp would use the response heade...

7.5CVSS7.8AI score0.01116EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/06/22 12:0 a.m.22 views

Apache Tomcat Information Disclosure Vulnerability (Jun 2023) - Linux

Apache Tomcat is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat"...

7.5CVSS8.5AI score0.01116EPSS
Exploits0References5
Circl
Circl
added 2023/06/21 2:26 p.m.3 views

CVE-2023-34981

creationtimestamp| type| source ---|---|--- 2023-06-21 14:26:10+00:00| seen| https://t.me/cibsecurity/65380 2024-02-07 09:37:01+00:00| seen| https://t.me/ctinow/180591...

7.5CVSS6.5AI score0.01116EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/06/21 10:26 a.m.17 views

CVE-2023-34981 Apache Tomcat: AJP response header mix-up

A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, if a response did not include any HTTP headers no AJP SENDHEADERS messare woudl be sent for the response which in turn meant that at least one AJP proxy modproxyajp would use the response heade...

7.6AI score0.01116EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/06/21 10:26 a.m.22 views

CVE-2023-34981 Apache Tomcat: AJP response header mix-up

A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, if a response did not include any HTTP headers no AJP SENDHEADERS messare woudl be sent for the response which in turn meant that at least one AJP proxy modproxyajp would use the response heade...

7.4AI score0.01116EPSS
Exploits0References2
OSV
OSV
added 2023/06/21 10:26 a.m.35 views

CVE-2023-34981 Apache Tomcat: AJP response header mix-up

A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, if a response did not include any HTTP headers no AJP SENDHEADERS messare woudl be sent for the response which in turn meant that at least one AJP proxy modproxyajp would use the response heade...

7.5CVSS6.7AI score0.01116EPSS
Exploits0References4
CVE
CVE
added 2023/06/21 10:26 a.m.300 views

CVE-2023-34981

CVE-2023-34981 affects Apache Tomcat: a regression in the fix for bug 66512 causes no AJP SEND_HEADERS to be sent when a response has no HTTP headers, allowing an information leak via proxies (e.g., mod_proxy_ajp) leaking headers from a previous request. The initial description lists affected Tom...

7.5CVSS7.4AI score0.01116EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/06/21 12:0 a.m.27 views

Apache Tomcat 10.1.0 < 10.1.9

The version of Tomcat installed on the remote host is prior to 10.1.9. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat10.1.9security-10 advisory. - A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, if a...

7.5CVSS7.5AI score0.01116EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/06/21 12:0 a.m.27 views

Apache Tomcat 11.0.0-M1 < 11.0.0-M6

The version of Tomcat installed on the remote host is prior to 11.0.0-M6. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat11.0.0-m6security-11 advisory. - A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, ...

7.5CVSS7.5AI score0.01116EPSS
Exploits0References5
Apache Tomcat
Apache Tomcat
added 2023/05/19 12:0 a.m.60 views

Fixed in Apache Tomcat 8.5.89

Important: Information disclosure CVE-2023-34981 The fix for bug 66512 introduced a regression that was fixed as bug 66591. The regression meant that, if a response did not have any HTTP headers set, no AJP SENDHEADERS message would be sent which in turn meant that at least one AJP based proxy...

7.5CVSS7.3AI score0.01116EPSS
Exploits0Affected Software1
Rows per page
Query Builder