Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.7 views

MiracleLinux 9 : tomcat-9.0.87-3.el9_6.3 (AXSA:2025-10779:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10779:06 advisory. tomcat: Apache Tomcat DoS in multipart upload CVE-2025-48988 tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources CVE-2025-4912...

7.5CVSS7.6AI score0.63258EPSS
Exploits1References8
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/31 6:59 p.m.5 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Uncontrolled Resource Consumption in Apache Tomcat [CVE-2025-53506]

Summary IBM Watson Speech Services Cartridge is vulnerable to an Uncontrolled Resource Consumption in Apache Tomcat, occuring when the HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams CVE-2025-53506. Apache Tomcat is used in our...

7.5CVSS7.4AI score0.01898EPSS
Exploits0Affected Software1
Rockylinux
Rockylinux
added 2025/10/03 7:56 p.m.7 views

tomcat9 security update

An update is available for tomcat9. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Tomcat is the servlet container that is used in the official Reference...

7.5CVSS7.8AI score0.63258EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/09/19 12:0 a.m.3 views

Atlassian Jira Service Management Data Center and Server 5.12.x < 5.12.26 / 5.13.x < 10.3.9 / 10.4.x < 10.7.3 / 11.0.x < 11.0.1 DoS (JSDSERVER-16369)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16369 advisory. - Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not...

7.5CVSS8.4AI score0.01898EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/08/27 12:0 a.m.0 views

SUSE: Security Advisory (SUSE-SU-2025:02978-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS9.2AI score0.03163EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2025/08/07 4:57 p.m.8 views

K000152908: Apache Tomcat vulnerabilities CVE-2025-52434 and CVE-2025-53506

Security Advisory Description CVE-2025-52434 Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Tomcat when using the APR/Native connector. This was particularly noticeable with client initiated closes of HTTP/2 connections. This issu...

7.5CVSS8.4AI score0.01898EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/01 12:0 a.m.3 views

Photon OS 5.0: Apache PHSA-2025-5.0-0565

An update of the apache package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0565. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.5CVSS8.2AI score0.0196EPSS
Exploits0References4
OSV
OSV
added 2025/07/25 1:16 p.m.4 views

OESA-2025-1895 tomcat security update

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Security Fixes: Concurrent Execution using Shar...

7.5CVSS7AI score0.0196EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/07/22 12:0 a.m.10 views

Debian: Security Advisory (DLA-4244-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.66933EPSS
Exploits8References2
Chainguard
Chainguard
added 2025/07/17 7:17 p.m.8 views

CVE-2025-53506 vulnerabilities

Vulnerabilities for packages: tomcat...

7.5CVSS7.5AI score0.01898EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/07/11 12:33 a.m.5 views

CVE-2025-53506

A denial of service flaw was found in Apache Tomcat. An uncontrolled resource consumption vulnerability, where an HTTP/2 client fails to acknowledge the initial settings frame that reduces the maximum permitted concurrent streams, could result in a denial of service. Mitigation Mitigation for thi...

7.5CVSS6.2AI score0.01898EPSS
Exploits0References4
NVD
NVD
added 2025/07/10 8:15 p.m.6 views

CVE-2025-53506

Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1...

7.5CVSS0.01898EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/07/10 12:0 a.m.6 views

Apache Tomcat 11.0.0.M1 < 11.0.9 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 11.0.9. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat11.0.9security-11 advisory. - The vulnerability exists due to overflow in file upload limit. A remote attacker can send specially...

7.5CVSS8.5AI score0.0196EPSS
Exploits0References5
Circl
Circl
added 2025/07/09 3:58 p.m.7 views

CVE-2025-53506

creationtimestamp| type| source ---|---|--- 2025-07-09 15:58:37+00:00| seen| https://bsky.app/profile/thedailytechfeed.com/post/3ltk6n4cbyk2d 2025-07-10 18:12:21+00:00| seen| https://seclists.org/oss-sec/2025/q3/31 2025-07-10 20:36:11+00:00| seen|...

7.5CVSS8.7AI score0.01898EPSS
Exploits0References15
OpenVAS
OpenVAS
added 2025/07/09 12:0 a.m.9 views

Apache Tomcat Multiple DoS Vulnerabilities (Jul 2025) - Linux

Apache Tomcat is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS6.4AI score0.0196EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2025/07/09 12:0 a.m.6 views

Apache Tomcat Multiple DoS Vulnerabilities (Jul 2025) - Windows

Apache Tomcat is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS6.4AI score0.0196EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2025/07/04 12:0 a.m.8 views

KLA85813 Multiple vulnerabilities in Apache Tomcat

Multiple vulnerabilities were found in Apache Tomcat. Malicious users can exploit these vulnerabilities to cause denial of service. Original advisories Apache Tomcat 9.x vulnerabilities Related products Apache-Tomcat CVE list CVE-2025-52434 critical CVE-2025-52520 critical CVE-2025-53506 critical...

7.5CVSS8.6AI score0.0196EPSS
Exploits0References3
Apache Tomcat
Apache Tomcat
added 2025/07/04 12:0 a.m.15 views

Fixed in Apache Tomcat 11.0.9

Low: DoS due to overflow in file upload limit CVE-2025-52520 For some unlikely configurations of multipart upload, an Integer Overflow vulnerability could lead to a DoS via bypassing of size limits. This was fixed with commit a51e4bed. This issue was reported to the Tomcat security team on 7 June...

7.5CVSS8AI score0.0196EPSS
Exploits0Affected Software1
Rows per page
Query Builder