Lucene search
K

5 matches found

Atlassian
Atlassian
added 2026/04/14 10:29 p.m.24 views

HTTP Request Smuggling org.apache.tomcat:tomcat-catalina Dependency in Bamboo Data Center

This High severity HTTP Request Smuggling vulnerability was introduced in version 9.6.0, 10.0.0, 10.1.1, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This HTTP Request Smuggling vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N...

7.5CVSS5.7AI score0.00453EPSS
Exploits0
Cvelist
Cvelist
added 2026/02/17 6:53 p.m.35 views

CVE-2026-24734 Apache Tomcat Native, Apache Tomcat: OCSP revocation bypass

Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native and Tomcat's FFM port of the Tomcat Native code did not complete verification or freshness checks on the OCSP response which could allow certificate revocation to be bypasse...

0.00498EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/21 10:51 p.m.4 views

CVE-2026-24048 Backstage has a Possible SSRF when reading from allowed URL's in `backend.reading.allow`

Backstage is an open framework for building developer portals, and @backstage/backend-defaults provides the default implementations and setup for a standard Backstage backend app. Prior to versions 0.12.2, 0.13.2, 0.14.1, and 0.15.0, the FetchUrlReader component, used by the catalog and other...

3.5CVSS5.7AI score0.00201EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/01 3:25 p.m.5 views

Security Bulletin: due to the use of 10x UI, IBM Transformation Extender Advanced is vulnerable to unsafe deserialization in Java

Summary IBM Transformation Extender Advanced also known as IBM Standards Processing Engine has a vulnerability that could allow attackers to perform remote code execution. Please upgrade to one of the fixed versions in this bulletin. Vulnerability Details CVEID:CVE-2022-42441 DESCRIPTION: IBM...

8.3AI score
Exploits0Affected Software1
OSV
OSV
added 2003/01/03 12:0 a.m.15 views

DSA-221 mhonarc - cross site scripting

Bulletin has no description...

4.3CVSS6.2AI score0.01235EPSS
Exploits0
Rows per page
Query Builder