
45 matches found

OSV
added 2026/05/18 1:35 p.m. | 15 views

CLEANSTART-2026-MR27796 Security fixes for CVE-2022-23181, CVE-2022-29885, CVE-2022-34305, CVE-2022-42252, CVE-2022-45143, CVE-2023-24998, CVE-2023-28708, CVE-2025-31650, CVE-2025-31651 applied in versions: 10.1.53-r0, 9.0.58-r0, 9.0.63-r0, 9.0.64-r0, 9.0.68-r0, 9.0.70-r0, 9.0.71-r0, 9.0.73-r0, 9.0.80-r0

Multiple security vulnerabilities affect the tomcat10 package. These issues are resolved in later releases. See references for individual vulnerability details...

CVSS 9.8 | AI score 7.5 | EPSS 0.71653
Exploits 27 | References 19

IBM Security Bulletins
added 2026/04/01 4:36 p.m. | 10 views

Security Bulletin: Vulnerabilities in Linux Kernel, MongoDB and Tomcat affect IBM Spectrum Protect Plus

Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in MongoDB, Tomcat and Linux. Vulnerabilities include obtaining sensitive information, causing a denial of service condition, the elevation of privileges, remote execution of arbitrary code and bypassing security restrictions, a...

CVSS 9.8 | AI score 7.2 | EPSS 0.66933
Exploits 8 | Affected Software 1

Tenable Nessus
added 2025/10/04 12:0 a.m. | 8 views

RockyLinux 10 : tomcat9 (RLSA-2025:11332)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:11332 advisory. tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation CVE-2024-56337 tomcat: Apache Tomcat: DoS via malformed HTTP/2...

CVSS 9.8 | AI score 7.6 | EPSS 0.66933
Exploits 18 | References 5

Tenable Nessus
added 2025/10/04 12:0 a.m. | 8 views

RockyLinux 9 : tomcat (RLSA-2025:11335)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:11335 advisory. tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation CVE-2024-56337 tomcat: Apache Tomcat: DoS via malformed HTTP/2...

CVSS 9.8 | AI score 7.6 | EPSS 0.66933
Exploits 18 | References 5

OSV
added 2025/07/29 1:38 p.m. | 11 views

RLSA-2025:11333 Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation CVE-2024-56337 tomcat: Apache Tomcat: DoS via malformed HTTP/2 PRIORITYUPDATE frame CVE-2025-3165...

CVSS 8.1 | AI score 7.7 | EPSS 0.66933
Exploits 18 | References 3

Tenable Nessus
added 2025/07/22 12:0 a.m. | 11 views

Alibaba Cloud Linux 3 : 0119: tomcat (ALINUX3-SA-2025:0119)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0119 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-56337: Time-of-check Time-of-use...

CVSS 9.8 | AI score 7.3 | EPSS 0.66933
Exploits 18 | References 3

OpenVAS
added 2025/07/22 12:0 a.m. | 10 views

Debian: Security Advisory (DLA-4244-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 7.2 | EPSS 0.66933
Exploits 8 | References 2

Tenable Nessus
added 2025/07/17 12:0 a.m. | 10 views

Oracle Linux 8 : tomcat (ELSA-2025-11333)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11333 advisory. - Resolves: RHEL-91761 tomcat: DoS via malformed HTTP/2 PRIORITYUPDATE frame CVE-2025-31650 Tenable has extracted the preceding description block...

CVSS 9.8 | AI score 7.6 | EPSS 0.66933
Exploits 18 | References 3

Tenable Nessus
added 2025/07/17 12:0 a.m. | 8 views

RHEL 8 : tomcat (RHSA-2025:11382)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:11382 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Incomplete fix for...

CVSS 9.8 | AI score 7.7 | EPSS 0.66933
Exploits 18 | References 6

Tenable Nessus
added 2025/07/16 12:0 a.m. | 9 views

RHEL 9 : tomcat (RHSA-2025:11335)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:11335 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Incomplete fix for...

CVSS 9.8 | AI score 7.7 | EPSS 0.66933
Exploits 18 | References 6

Tenable Nessus
added 2025/07/16 12:0 a.m. | 8 views

RHEL 9 : tomcat (RHSA-2025:11334)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:11334 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Incomplete fix for...

CVSS 9.8 | AI score 7.7 | EPSS 0.66933
Exploits 18 | References 6

OSV
added 2025/07/16 12:0 a.m. | 11 views

ALSA-2025:11335 Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation CVE-2024-56337 tomcat: Apache Tomcat: DoS via malformed HTTP/2 PRIORITYUPDATE frame CVE-2025-3165...

CVSS 9.8 | AI score 9.2 | EPSS 0.66933
Exploits 18 | References 6

AlmaLinux
added 2025/07/16 12:0 a.m. | 10 views

Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation CVE-2024-56337 tomcat: Apache Tomcat: DoS via malformed HTTP/2 PRIORITYUPDATE frame CVE-2025-3165...

CVSS 9.8 | AI score 9.3 | EPSS 0.66933
Exploits 18 | References 6

Exploit DB
added 2025/06/05 12:0 a.m. | 264 views

Apache Tomcat 10.1.39 - Denial of Service (DoS)

Exploit Title: Apache Tomcat 10.1.39 - Denial of Service DOS Author: Abdualhadi khalifa CVE: CVE-2025-31650 import httpx import asyncio import random import urllib.parse import sys import socket from colorama import init, Fore, Style init class TomcatKiller: def initself: self.successcount = 0...

CVSS 7.5 | AI score 7.4 | EPSS 0.66933
Exploits 5

Tenable Nessus
added 2025/05/30 12:0 a.m. | 13 views

SUSE SLES15: tomcat / tomcat-admin-webapps / tomcat-el-3_0-api / etc (SUSE-SU-2025:01521-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01521-1 advisory. Update to Tomcat 9.0.104 - CVE-2025-31650: invalid priority field values should be ignored bsc1242008 - CVE-2025-31651: Better...

CVSS 9.8 | AI score 7.1 | EPSS 0.66933
Exploits 6 | References 7

OSV
added 2025/05/29 2:4 p.m. | 8 views

SUSE-SU-2025:01521-1 Security update for tomcat

This update for tomcat fixes the following issues: Update to Tomcat 9.0.104 - CVE-2025-31650: invalid priority field values should be ignored bsc1242008 - CVE-2025-31651: Better handling of URLs with literal ';' and '?' bsc1242009 Full changelog:...

CVSS 9.8 | AI score 7.5 | EPSS 0.66933
Exploits 6 | References 5

F5 Networks
added 2025/05/19 12:0 a.m. | 28 views

K000151412: Apache Tomcat vulnerability CVE-2025-31650

Security Advisory Description CVE-2025-31650 Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger a...

CVSS 9.8 | AI score 7.5 | EPSS 0.66933
Exploits 6 | Affected Software 36

IBM Security Bulletins
added 2025/05/16 8:6 a.m. | 31 views

Security Bulletin: Due to the use of Apache Tomcat, IBM ApplinX is vulnerable to an Improper Encoding or Escaping of Output vulnerability (CVE-2025-31651) and an Improper Input Validation vulnerability (CVE-2025-31651).

Summary Due to the use of Apache Tomcat, IBM ApplinX is vulnerable to an Improper Encoding or Escaping of Output vulnerability CVE-2025-31651 and an Improper Input Validation vulnerability CVE-2025-31651. Apache Tomcat has been updated within IBM ApplinX in order to address the vulnerabilities...

CVSS 9.8 | AI score 7.1 | EPSS 0.66933
Exploits 6 | Affected Software 1

Tenable Nessus
added 2025/05/16 12:0 a.m. | 13 views

Apache Tomcat 11.0.0-M1 < 11.0.6 Multiple Vulnerabilities

The version of Apache Tomcat installed on the remote host is 9.0.0-M1 prior to 9.0.104, 10.1.0-M1 prior to 10.1.40 or 11.0.0-M1 prior to 11.0.6. It is, therefore, affected by multiple vulnerabilities : - A denial of service via invalid HTTP priority header. CVE-2025-31650 - A rewrite rule bypass...

CVSS 9.8 | AI score 9.8 | EPSS 0.66933
Exploits 6 | References 3

OpenVAS
added 2025/05/16 12:0 a.m. | 14 views

SUSE: Security Advisory (SUSE-SU-2025:1537-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 8.2 | EPSS 0.66933
Exploits 6 | References 6