38 matches found
DEBIAN-CVE-2026-55955
Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...
CVE-2026-55955
Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...
UBUNTU-CVE-2026-55955
Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...
CVE-2026-55955 Apache Tomcat: EncryptInterceptor not protected against replay attacks
Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...
CVE-2026-55955
CVE-2026-55955 describes an improper authentication flaw in Apache Tomcat’s EncryptionInterceptor for Tribes clustering, allowing a replay attack. Affected versions include Tomcat 11.0.0-M1–11.0.22, 10.1.0-M1–10.1.55, 9.0.13–9.0.18, 8.5.38–8.5.100, and 7.0.100–7.0.109. Remediation is to upgrade t...
CVE-2026-55955
Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...
PT-2026-53744
Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.22 Apache Tomcat versions 10.1.0-M1 through 10.1.55 Apache Tomcat versions 9.0.13 through 9.0.18 Apache Tomcat versions 8.5.38 through 8.5.100 Apache Tomcat versions 7.0.100 through 7.0.109...
ROS-20260310-73-0001
A vulnerability in the Cluster: General component of the MySQL Cluster database management system is related to an access control flaw. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read, modify, add or delete data or cause a denial of service...
EUVD-2024-37362
Malicious code in bioql PyPI...
Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows a hacker to cause a service failure.
Vulnerability of the MySQL Cluster component: General database management systems related to MySQL Cluster are vulnerable to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows attackers to gain full control over the application
Vulnerability of the Cluster component: General database management systems like MySQL Cluster are vulnerable due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to gain full control over the application...
PT-2025-29623 · Oracle · Mysql 8.4 +2
Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.0 through 8.0.42 Oracle MySQL versions 8.4.0 through 8.4.5 Oracle MySQL versions 9.0.0 through 9.3.0 Description: This issue affects the Cluster component of Oracle MySQL. A highly privileged attacker with logon acce...
The vulnerability of the pg-cluster component of the BIG-IP Next Central Manage application programming interface allows a attacker to disclose protected information.
The vulnerability of the pg-cluster component of the BIG-IP Next Central Manage application programming interface is related to the disclosure of information through registration files. Exploiting this vulnerability can allow an attacker to disclose the protected information...
Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows attackers to gain access to read, modify, or delete data.
Vulnerability of the MySQL Cluster component: General database management system vulnerabilities related to MySQL Cluster are associated with insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain read, modify, or delete access to data using the MySQL...
CVE-2024-38482
CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional Conditions Vulnerability in Cluster Component. A highly privileged malicious user with remote access could potentially exploit this vulnerability, leading to execute unauthorized actions and retrieve sensitive...
CVE-2024-38482
CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional Conditions Vulnerability in Cluster Component. A highly privileged malicious user with remote access could potentially exploit this vulnerability, leading to execute unauthorized actions and retrieve sensitive...
CVE-2024-38482
CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional Conditions Vulnerability in Cluster Component. A highly privileged malicious user with remote access could potentially exploit this vulnerability, leading to execute unauthorized actions and retrieve sensitive...
CVE-2024-38482
CVE-2024-38482 affects Dell CloudLink 7.1.x and 8.x, due to an improper check/handling of exceptional conditions in the Cluster Component. A highly privileged remote attacker could potentially execute unauthorized actions and access sensitive database information. Public references in the connect...
PT-2024-28027 · Cloudlink · Cloudlink
Name of the Vulnerable Software and Affected Versions: CloudLink versions 7.1.x through 8.x Description: The issue is related to an improper check or handling of exceptional conditions in the Cluster Component. A highly privileged malicious user with remote access could potentially exploit this,...
Vulnerability of the Cluster component: The general database management system of Oracle MySQL Server, which allows attackers to disclose sensitive information.
The vulnerability of the Oracle MySQL Server component in the Oracle database management system involves insufficient protection for operational data. Exploiting this vulnerability can allow an attacker to disclose sensitive information that should be protected...