9 matches found
MiracleLinux 9 : tomcat-9.0.62-37.el9_3.1 (AXSA:2024-7474:03)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7474:03 advisory. tomcat: Open Redirect vulnerability in FORM authentication (CVE-2023-41080) tomcat: FileUpload: DoS due to accumulation of temporary files on Windows...
EUVD-2025-6885
Malicious code in bioql PyPI...
RHEL 10 : tomcat9 (RHSA-2025:14178)
The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14178 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages...
CVE-2025-53891
The timelineofficial/Time-Line- repository contains the source code for the TIME LINE website. A vulnerability was found in the TIME LINE website where uploaded files (instruction/message media) are not strictly validated for type and size. A user may upload renamed or oversized files that can...
Denial of Service (DoS)
Overview: gradio is a Python library for easily interacting with trained machine learning models. Affected versions of this package are vulnerable to Denial of Service (DoS) through the file upload process. An attacker can append a large number of characters to the end of a multipart boundary, causin...
PT-2025-12119 · Unknown · Imartinez/Privategpt
Name of the Vulnerable Software and Affected Versions: imartinez/privategpt version v0.6.2. Description: A Denial of Service (DoS) vulnerability exists in the file upload feature. The issue is due to improper handling of form-data with a large filename in the file upload request. An attacker can...
Linux Distros Unpatched Vulnerability : CVE-2021-40524
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Pure-FTPd before 1.0.50, an incorrect maxfilesize quota mechanism in the server allows attackers to upload files of unbounded size, which may lead to denial ...
Important: tomcat
Issue Overview: A privilege escalation flaw was found in Tomcat when the JMX Remote Lifecycle Listener was enabled. A local attacker without access to the Tomcat process or configuration files could be able to manipulate the RMI registry to perform a man-in-the-middle attack. The attacker could...
Debian DSA-3010-1 : python-django - security update
Several vulnerabilities were discovered in Django, a high-level Python web development framework. The Common Vulnerabilities and Exposures project identifies the following problems: - CVE-2014-0480 Florian Apolloner discovered that in certain situations, URL reversing could generate...