Lucene search
K

38 matches found

OSV
OSV
added 5 days ago4 views

DEBIAN-CVE-2026-55955

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

6.5CVSS5.7AI score0.00261EPSS
Exploits0References1
NVD
NVD
added 5 days ago8 views

CVE-2026-55955

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

6.5CVSS0.00261EPSS
Exploits0References2
OSV
OSV
added 5 days ago2 views

UBUNTU-CVE-2026-55955

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

6.5CVSS5.7AI score0.00261EPSS
Exploits0References7
Cvelist
Cvelist
added 5 days ago29 views

CVE-2026-55955 Apache Tomcat: EncryptInterceptor not protected against replay attacks

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

0.00261EPSS
Exploits0References1
CVE
CVE
added 5 days ago34 views

CVE-2026-55955

CVE-2026-55955 describes an improper authentication flaw in Apache Tomcat’s EncryptionInterceptor for Tribes clustering, allowing a replay attack. Affected versions include Tomcat 11.0.0-M1–11.0.22, 10.1.0-M1–10.1.55, 9.0.13–9.0.18, 8.5.38–8.5.100, and 7.0.100–7.0.109. Remediation is to upgrade t...

6.5CVSS5.7AI score0.00261EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 5 days ago3 views

CVE-2026-55955

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

6.5CVSS5.7AI score0.00261EPSS
Exploits0
Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-53744

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.22 Apache Tomcat versions 10.1.0-M1 through 10.1.55 Apache Tomcat versions 9.0.13 through 9.0.18 Apache Tomcat versions 8.5.38 through 8.5.100 Apache Tomcat versions 7.0.100 through 7.0.109...

5.8AI score0.00261EPSS
Exploits0References4
Redos
Redos
added 2026/03/10 12:0 a.m.7 views

ROS-20260310-73-0001

A vulnerability in the Cluster: General component of the MySQL Cluster database management system is related to an access control flaw. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read, modify, add or delete data or cause a denial of service...

5.5CVSS5.8AI score0.00819EPSS
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-37362

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.00372EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/18 12:0 a.m.5 views

Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows a hacker to cause a service failure.

Vulnerability of the MySQL Cluster component: General database management systems related to MySQL Cluster are vulnerable to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

6.8CVSS7AI score0.00485EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/07/18 12:0 a.m.8 views

Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows attackers to gain full control over the application

Vulnerability of the Cluster component: General database management systems like MySQL Cluster are vulnerable due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to gain full control over the application...

6.8CVSS7.1AI score0.0017EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/15 12:0 a.m.6 views

PT-2025-29623 · Oracle · Mysql 8.4 +2

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.0 through 8.0.42 Oracle MySQL versions 8.4.0 through 8.4.5 Oracle MySQL versions 9.0.0 through 9.3.0 Description: This issue affects the Cluster component of Oracle MySQL. A highly privileged attacker with logon acce...

6.8CVSS6.9AI score0.0017EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2025/05/09 12:0 a.m.6 views

The vulnerability of the pg-cluster component of the BIG-IP Next Central Manage application programming interface allows a attacker to disclose protected information.

The vulnerability of the pg-cluster component of the BIG-IP Next Central Manage application programming interface is related to the disclosure of information through registration files. Exploiting this vulnerability can allow an attacker to disclose the protected information...

4.6CVSS6.2AI score0.00152EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/24 12:0 a.m.6 views

Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows attackers to gain access to read, modify, or delete data.

Vulnerability of the MySQL Cluster component: General database management system vulnerabilities related to MySQL Cluster are associated with insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain read, modify, or delete access to data using the MySQL...

5.5CVSS6.7AI score0.00624EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2024/08/02 4:17 a.m.3 views

CVE-2024-38482

CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional Conditions Vulnerability in Cluster Component. A highly privileged malicious user with remote access could potentially exploit this vulnerability, leading to execute unauthorized actions and retrieve sensitive...

7.2CVSS5.9AI score0.00372EPSS
Exploits0References1
NVD
NVD
added 2024/08/02 4:17 a.m.18 views

CVE-2024-38482

CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional Conditions Vulnerability in Cluster Component. A highly privileged malicious user with remote access could potentially exploit this vulnerability, leading to execute unauthorized actions and retrieve sensitive...

7.2CVSS0.00372EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/02 4:12 a.m.14 views

CVE-2024-38482

CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional Conditions Vulnerability in Cluster Component. A highly privileged malicious user with remote access could potentially exploit this vulnerability, leading to execute unauthorized actions and retrieve sensitive...

6.6CVSS6.8AI score0.00372EPSS
Exploits0References1
CVE
CVE
added 2024/08/02 4:12 a.m.35 views

CVE-2024-38482

CVE-2024-38482 affects Dell CloudLink 7.1.x and 8.x, due to an improper check/handling of exceptional conditions in the Cluster Component. A highly privileged remote attacker could potentially execute unauthorized actions and access sensitive database information. Public references in the connect...

7.2CVSS6.5AI score0.00372EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/02 12:0 a.m.7 views

PT-2024-28027 · Cloudlink · Cloudlink

Name of the Vulnerable Software and Affected Versions: CloudLink versions 7.1.x through 8.x Description: The issue is related to an improper check or handling of exceptional conditions in the Cluster Component. A highly privileged malicious user with remote access could potentially exploit this,...

7.2CVSS6.9AI score0.00372EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/06/04 12:0 a.m.7 views

Vulnerability of the Cluster component: The general database management system of Oracle MySQL Server, which allows attackers to disclose sensitive information.

The vulnerability of the Oracle MySQL Server component in the Oracle database management system involves insufficient protection for operational data. Exploiting this vulnerability can allow an attacker to disclose sensitive information that should be protected...

2.2CVSS6.9AI score0.00401EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder