
235 matches found

RedHat Linux
added 2024/01/29 11:45 a.m. | 39 views

Important: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

7.5 CVSS | 6.7 AI score | 0.53163 EPSS
Exploits: 0 | References: 2
RedHat Linux
added 2024/01/25 10:59 a.m. | 49 views

Moderate: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

6.1 CVSS | 6.8 AI score | 0.62079 EPSS
Exploits: 2 | References: 5
AlmaLinux
added 2024/01/25 12:0 a.m. | 43 views

Moderate: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: tomcat: Open Redirect vulnerability in FORM authentication (CVE-2023-41080); tomcat: FileUpload: DoS due to accumulation of temporary files on Windows (CVE-2023-42794); tomcat: improper...

6.1 CVSS | 7.1 AI score | 0.62079 EPSS
Exploits: 2 | References: 10
RedHat Linux
added 2024/01/10 11:32 a.m. | 49 views

Moderate: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

6.1 CVSS | 6.8 AI score | 0.62079 EPSS
Exploits: 2 | References: 5
AlmaLinux
added 2024/01/10 12:0 a.m. | 49 views

Moderate: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: tomcat: Open Redirect vulnerability in FORM authentication (CVE-2023-41080); tomcat: FileUpload: DoS due to accumulation of temporary files on Windows (CVE-2023-42794); tomcat: improper...

6.1 CVSS | 7.3 AI score | 0.62079 EPSS
Exploits: 2 | References: 10
BDU FSTEC
added 2023/12/01 12:0 a.m. | 1 view

The vulnerability of the ProSAFE Network Management System’s (NMS300) management, diagnosis, and optimization functions relates to deficiencies in access control. This vulnerability allows attackers to enhance their privileges.

The vulnerability of the ProSAFE Network Management System NMS300 in terms of system management, diagnosis, and optimization of network device operations is related to deficiencies in access control due to incorrect context determination for searching user credentials. Exploiting this vulnerabili...

7.8 CVSS | 0.0009 EPSS
Exploits: 1 | References: 4 | Affected Software: 1
OSV
added 2023/11/29 11:15 p.m. | 0 views

CVE-2023-49694

A low-privileged OS user with access to a Windows host where NETGEAR ProSAFE Network Management System is installed can create arbitrary JSP files in a Tomcat web application directory. The user can then execute the JSP files under the security context of SYSTEM...

7.8 CVSS | 6 AI score | 0.0009 EPSS
Exploits: 1 | References: 2
CNNVD
added 2023/11/29 12:0 a.m. | 3 views

NETGEAR Access Control Error Vulnerability

NETGEAR is a router from the American company NETGEAR. A hardware device that connects two or more networks and acts as a gateway between networks. An access control error vulnerability exists in the NETGEAR ProSAFE Network Management System v1.7.0.26 and earlier versions, which can be exploited ...

7.8 CVSS | 6.9 AI score | 0.0009 EPSS
Exploits: 1 | References: 3
RedHat Linux
added 2023/11/14 3:32 p.m. | 47 views

Moderate: Red Hat Security Advisory: tomcat security and bug fix update

An update for tomcat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5 CVSS | 7 AI score | 0.339 EPSS
Exploits: 1 | References: 7
OSV
added 2023/11/14 12:0 a.m. | 48 views

ALSA-2023:7065 Moderate: tomcat security and bug fix update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: Apache Commons FileUpload: FileUpload DoS with excessive parts (CVE-2023-24998); tomcat: not including the secure attribute causes information disclosure (CVE-2023-28708); tomcat: Fix for...

7.5 CVSS | 7 AI score | 0.339 EPSS
Exploits: 1 | References: 8
AlmaLinux
added 2023/11/07 12:0 a.m. | 39 views

Moderate: tomcat security and bug fix update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: Apache Commons FileUpload: FileUpload DoS with excessive parts (CVE-2023-24998); tomcat: not including the secure attribute causes information disclosure (CVE-2023-28708); tomcat: Fix for...

7.5 CVSS | 7.1 AI score | 0.339 EPSS
Exploits: 1 | References: 8
RedHat Linux
added 2023/10/19 1:18 p.m. | 49 views

Important: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5 CVSS | 7.1 AI score | 0.94395 EPSS
Exploits: 19 | References: 4
OSV
added 2023/10/19 12:0 a.m. | 41 views

ALSA-2023:5928 Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487). For more details about the security issues, including the impact, a CVSS...

7.5 CVSS | 8.3 AI score | 0.94395 EPSS
Exploits: 19 | References: 4
AlmaLinux
added 2023/10/19 12:0 a.m. | 46 views

Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487). For more details about the security issues, including the impact, a CVSS...

7.5 CVSS | 7.5 AI score | 0.94395 EPSS
Exploits: 19 | References: 4
OpenVAS
added 2023/03/08 12:0 a.m. | 29 views

Debian: Security Advisory (DLA-435-1)

The remote host is missing an update for the Debian...

8.8 CVSS | 7 AI score | 0.4988 EPSS
Exploits: 0 | References: 2
CNNVD
added 2023/02/01 12:0 a.m. | 4 views

Schneider Electric Easy UPS Online Monitoring Software Code Issue Vulnerability

Schneider Electric Easy UPS Online Monitoring Software is a power monitoring software from Schneider Electric, a French company. A code issue exists in Schneider Electric Easy UPS Online Monitoring Software that stems from an Unlimited Uploads of Dangerous Types of Files vulnerability that could...

9.8 CVSS | 9.1 AI score | 0.0258 EPSS
Exploits: 0 | References: 2
CNNVD
added 2022/12/01 12:0 a.m. | 3 views

Rocket Software TRUfusion Code Issue Vulnerability

Rocket Software TRUfusion is a simple, cost-effective solution from Rocket Software USA, Inc. It is used to ensure the secure exchange of CAD files and design data in PLM systems. A security vulnerability exists in Rocket Software TRUfusion Enterprise versions prior to 7.9.6.1. An attacker could...

9.8 CVSS | 8.9 AI score | 0.01794 EPSS
Exploits: 1 | References: 3
OSV
added 2022/05/13 12:15 p.m. | 2 views

CVE-2021-42967

Unrestricted file upload in /novel-admin/src/main/java/com/java2nb/common/controller/FileController.java in novel-plus all versions allows an attacker to upload malicious JSP files...

9.8 CVSS | 5.8 AI score
Exploits: 0 | References: 1
CNNVD
added 2022/02/04 12:0 a.m. | 2 views

Northstar Club Management Path Traversal Vulnerability

Northstar Club Management is a web-based solution from Northstar, Inc. that allows organizations to manage all elements of a club, such as memberships, guests, events, and more. A path traversal vulnerability exists in Northstar Club Management version 6.3, which stems from the software's lack of...

7.5 CVSS | 7.5 AI score | 0.0117 EPSS
Exploits: 0 | References: 3
BDU FSTEC
added 2022/01/25 12:0 a.m. | 0 views

The vulnerability of JSP-based software technologies like Apache JSPWiki, due to lack of access control mechanisms, allows attackers to delete any files they desire.

The vulnerability of JSP-based software, such as Apache JSPWiki, is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to delete arbitrary files using a specially crafted HTTP request...

9.4 CVSS | 0.05872 EPSS
Exploits: 0 | References: 4 | Affected Software: 1