28 matches found

Tenable Nessus
added 2026/01/13 12:0 a.m. | 7 views

MiracleLinux 9 : tomcat-9.0.87-3.el9_6.3 (AXSA:2025-10779:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10779:06 advisory. tomcat: Apache Tomcat DoS in multipart upload CVE-2025-48988 tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources CVE-2025-4912...

7.5 CVSS | 7.6 AI score | 0.63258 EPSS
Exploits 1 | References 8

Tenable Nessus
added 2025/11/20 12:0 a.m. | 10 views

TencentOS Server 4: tomcat (TSSA-2025:0623)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0623 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.5 CVSS | 7.5 AI score | 0.63258 EPSS
Exploits 1 | References 4

Tenable Nessus
added 2025/10/24 12:0 a.m. | 6 views

Oracle Siebel Server is prior to 25.10 (October 2025 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through...

8.4 CVSS | 7.3 AI score | 0.53228 EPSS
Exploits 1 | References 5

Tenable Nessus
added 2025/10/22 12:0 a.m. | 11 views

TencentOS Server 3: tomcat (TSSA-2025:0797)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0797 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5 CVSS | 7.7 AI score | 0.63258 EPSS
Exploits 1 | References 8

IBM Security Bulletins
added 2025/10/15 2:47 p.m. | 15 views

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary QRadar Suite Software includes components with known vulnerabilities. These have been addressed in the update. Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons...

7.5 CVSS | 8.7 AI score | 0.63258 EPSS
Exploits 2 | Affected Software 1

Rockylinux
added 2025/10/03 7:56 p.m. | 6 views

tomcat9 security update

An update is available for tomcat9. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Tomcat is the servlet container that is used in the official Reference...

7.5 CVSS | 7.8 AI score | 0.63258 EPSS
Exploits 1

Tenable Nessus
added 2025/08/26 12:0 a.m. | 7 views

Alibaba Cloud Linux 3 : 0142: tomcat (ALINUX3-SA-2025:0142)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0142 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-48976: Allocation of resources fo...

7.5 CVSS | 7.7 AI score | 0.63258 EPSS
Exploits 1 | References 8

OpenVAS
added 2025/07/22 12:0 a.m. | 10 views

Debian: Security Advisory (DLA-4244-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS | 7.2 AI score | 0.66933 EPSS
Exploits 8 | References 2

IBM Security Bulletins
added 2025/07/17 6:27 p.m. | 30 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to multiple Apache Tomcat vulnerabilities (CVE-2025-48976, CVE-2025-48988)

Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD is susceptible to multiple Apache Tomcat vulnerabilities CVE-2025-48976, CVE-2025-48988 Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability i...

7.5 CVSS | 7.5 AI score | 0.63258 EPSS
Exploits 1 | Affected Software 1

OpenVAS
added 2025/07/15 12:0 a.m. | 9 views

SUSE: Security Advisory (SUSE-SU-2025:02280-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 8.1 AI score | 0.53228 EPSS
Exploits 2 | References 7

Tenable Nessus
added 2025/07/11 12:0 a.m. | 8 views

SUSE SLES15: tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc (SUSE-SU-2025:02280-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02280-1 advisory. - CVE-2025-46701: Fixed refactor CGI servlet to access resources via WebResources bsc1243815. - CVE-2025-48988: Fixe...

7.5 CVSS | 7.1 AI score | 0.53228 EPSS
Exploits 2 | References 11

OpenVAS
added 2025/07/11 12:0 a.m. | 9 views

openSUSE Security Advisory (SUSE-SU-2025:02261-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 8.1 AI score | 0.53228 EPSS
Exploits 2 | References 7

OpenVAS
added 2025/07/11 12:0 a.m. | 10 views

SUSE: Security Advisory (SUSE-SU-2025:02261-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 8.1 AI score | 0.53228 EPSS
Exploits 2 | References 7

SUSE Linux
added 2025/07/10 4:5 p.m. | 7 views

Security update for tomcat

This update for tomcat fixes the following issues: CVE-2025-46701: Fixed refactor CGI servlet to access resources via WebResources bsc1243815. CVE-2025-48988: Fixed limits the total number of parts in a multi-part request and limits the size of the headers provided with each part bsc1244656...

9.1 CVSS | 7.8 AI score | 0.53228 EPSS
Exploits 2 | References 14

OpenVAS
added 2025/07/07 12:0 a.m. | 11 views

SUSE: Security Advisory (SUSE-SU-2025:02214-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 8.1 AI score | 0.53228 EPSS
Exploits 2 | References 6

Tenable Nessus
added 2025/07/04 12:0 a.m. | 9 views

SUSE SLES12: tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc (SUSE-SU-2025:02214-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02214-1 advisory. - CVE-2025-46701: Refactored CGI servlet to access resources via WebResources bsc1243815. - CVE-2025-48988: Limited the total number of parts ...

7.5 CVSS | 7.1 AI score | 0.53228 EPSS
Exploits 2 | References 10

Tenable Nessus
added 2025/07/02 12:0 a.m. | 8 views

Photon OS 4.0: Apache PHSA-2025-4.0-0823

An update of the apache package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0823. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

8.4 CVSS | 8 AI score | 0.53228 EPSS
Exploits 2 | References 5

Japan Vulnerability Notes
added 2025/06/26 12:0 a.m. | 11 views

JVN#09924566: Denial-of-service (DoS) vulnerabilities in multiple Apache products

Multiple Apache products provided by The Apache Software Foundation contain vulnerabilities listed below. Allocation of resources without limits or throttling CWE-770 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Base Score 6.9 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Base...

7.5 CVSS | 7.1 AI score | 0.63258 EPSS
Exploits 1

Mageia
added 2025/06/25 5:31 a.m. | 14 views

Updated tomcat packages fix security vulnerabilities

FileUpload large number of parts with headers DoS. CVE-2025-48988 Security constraint bypass for pre/post-resources. CVE-2025-49125...

7.5 CVSS | 7.4 AI score | 0.53228 EPSS
Exploits 1 | References 3

OpenVAS
added 2025/06/25 12:0 a.m. | 9 views

Mageia: Security Advisory (MGASA-2025-0191)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.5 AI score | 0.53228 EPSS
Exploits 1 | References 5