74 matches found

Nuclei
added yesterday | 25 views

Tiny Java Web Server - Cross-Site Scripting

A reflected cross-site scripting vulnerability in the web server Tiny Java Web Server and Servlet Container TJWS =1.115 allows an adversary to inject malicious code on the server's "404 Page not Found" error page. id: CVE-2021-37573 info: name: Tiny Java Web Server - Cross-Site Scripting author:...

CVSS 6.1 | AI score 6.2 | EPSS 0.51947
Exploits: 2 | References: 5
RedhatCVE
added 2026/01/07 9:42 a.m. | 4 views

CVE-1999-0283

The Java Web Server would allow remote users to obtain the source code for CGI programs...

CVSS 10 | AI score 7.2 | EPSS 0.04288
Exploits: 0 | References: 1
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2001-0186

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.00685
Exploits: 1 | References: 2
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2000-0806

Malware in sbrugna...

CVSS 10 | AI score 6.4 | EPSS 0.02547
Exploits: 1 | References: 5
EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-1999-0283

Malware in sbrugna...

CVSS 10 | AI score 6.4 | EPSS 0.04288
Exploits: 0 | References: 2
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2000-0625

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.01516
Exploits: 1 | References: 4
vulnersOsv
added 2025/09/02 3:31 p.m. | 2 views

africa.absa:inception-application (>=1.0.0 <=1.2.0), app.fmgp:scala-did-docs_3 (>=0.1.0-M16 <=0.1.0-M33) +3474 more potentially affected by CVE-2025-9784 via io.undertow:undertow-core (>=1.0.0.Alpha1 <=2.2.37.Final)

io.undertow:undertow-core MAVEN version =1.0.0.Alpha1, =1.0.0, =0.1.0-M16, =1.0.0, =0.4.0, =2.0.0, =1.0.2, =1.0.0, =1.2.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1 and more Source cves: CVE-2025-9784 Source advisory: OSV:GHSA-95H4-W6J8-2RP8...

CVSS 7.5 | AI score 5.8 | EPSS 0.02234
Exploits: 1
RedhatCVE
added 2025/05/22 6:40 p.m. | 4 views

CVE-2021-37573

A reflected cross-site scripting (XSS) vulnerability in the web server Tiny Java Web Server and Servlet Container (TJWS) =1.115 allows an adversary to inject malicious code on the server's "404 Page not Found" error page...

CVSS 6.1 | AI score 5.8 | EPSS 0.51947
Exploits: 2 | References: 1
Debian
added 2025/04/02 3:12 a.m. | 18 views

[SECURITY] [DLA 4108-1] tomcat9 security update

Debian LTS Advisory DLA-4108-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany April 02, 2025 https://wiki.debian.org/LTS Package : tomcat9 Version : 9.0.43-2deb11u12 CVE ID : CVE-2025-24813 A security vulnerability was found in Tomcat 9, a Java based web server a...

CVSS 10 | AI score 7.4 | EPSS 0.9413
Exploits: 44
Debian
added 2025/01/16 11:28 p.m. | 24 views

[SECURITY] [DLA 4017-1] tomcat9 security update

Debian LTS Advisory DLA-4017-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 17, 2025 https://wiki.debian.org/LTS Package : tomcat9 Version : 9.0.43-2deb11u11 CVE ID : CVE-2024-21733 CVE-2024-38286 CVE-2024-50379 CVE-2024-52316 CVE-2024-56337 Several...

CVSS 9.8 | AI score 7 | EPSS 0.84587
Exploits: 16
OSV
added 2024/11/15 12:20 p.m. | 2 views

OESA-2024-2419 undertow security update

Java web server using non-blocking IO Security Fixes: A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory. CVE-2023-19...

CVSS 7.5 | AI score 6.7 | EPSS 0.00727
Exploits: 0 | References: 2
OSV
added 2024/10/14 4:15 p.m. | 3 views

UBUNTU-CVE-2024-6763

Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine. It includes a utility class, HttpURI, for URI/URL parsing. The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI differs from the common browser...

CVSS 5.3 | AI score 7.1 | EPSS 0.01189
Exploits: 1 | References: 4
NVD
added 2024/02/26 4:27 p.m. | 18 views

CVE-2024-22201

Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to st...

CVSS 7.5 | AI score 7.4 | EPSS 0.00559
Exploits: 0 | References: 5
CNNVD
added 2023/08/07 12:0 a.m. | 4 views

Red Hat Undertow Security Vulnerability

Red Hat Undertow is a Java-based embedded web server from Red Hat, Inc. and is the default web server for Wildfly Java Application Server. A security vulnerability exists in Red Hat Undertow. An attacker could exploit this vulnerability to cause a denial of service on the system...

CVSS 7.5 | AI score 6.6 | EPSS 0.00649
Exploits: 0 | References: 14
OSV
added 2023/04/07 11:5 a.m. | 3 views

OESA-2023-1202 undertow security update

Java web server using non-blocking IO Security Fixes: A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates. CVE-2023-1108...

CVSS 7.5 | AI score 6.6 | EPSS 0.00567
Exploits: 0 | References: 2
CNNVD
added 2022/12/18 12:0 a.m. | 3 views

TJWS Path Traversal Vulnerability

TJWS is a small Java Web and App server for drogatkin individual developers. A path traversal vulnerability exists in TJWS. An attacker could use this vulnerability to obtain sensitive information in directory folders...

CVSS 9.8 | AI score 8.3 | EPSS 0.00426
Exploits: 0 | References: 3
CNNVD
added 2022/08/11 12:0 a.m. | 2 views

Red Hat Undertow Security Vulnerability

Red Hat Undertow is a Java-based embedded web server from Red Hat, Inc. and is the default web server for Wildfly Java Application Server. Red Hat Undertow has a security vulnerability that stems from a DoS that can be realized when the Undertow server waits forever for an EJB call to LASTCHUNK...

CVSS 4.9 | AI score 6.1 | EPSS 0.00348
Exploits: 0 | References: 8
CNNVD
added 2022/04/06 12:0 a.m. | 1 view

Red Hat Undertow Resource Management Error Vulnerability

Red Hat Undertow is a Java-based embedded web server from Red Hat and is the default web server for Wildfly Java Application Server. Red Hat Undertow has a security vulnerability that stems from a potential security issue in HTTP/2 flow control that could lead to DoS...

CVSS 7.5 | AI score 7 | EPSS 0.0044
Exploits: 0 | References: 9
Packet Storm
added 2021/08/14 12:0 a.m. | 280 views

Tiny Java Web Server 1.115 Cross Site Scripting

Advisory ID: SYSS-2021-042 Product: Tiny Java Web Server and Servlet Container TJWS Manufacturer: D. Rogatkin Affected Versions: = 1.115 Tested Versions: 1.107, 1.114 Vulnerability Type: Cross-Site Scripting CWE-79 Risk Level: Medium Solution Status: Fixed Manufacturer Notification: 2021-07-21...

AI score 6.4 | EPSS 0.51947
Exploits: 2
OSV
added 2021/08/09 1:15 p.m. | 2 views

CVE-2021-37573

A reflected cross-site scripting (XSS) vulnerability in the web server Tiny Java Web Server and Servlet Container (TJWS) =1.115 allows an adversary to inject malicious code on the server's "404 Page not Found" error page...

CVSS 6.1 | AI score 6.4
Exploits: 0 | References: 3