Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

UbuntuCve
UbuntuCveadded 2026/04/09 8:16 p.m.2 views

CVE-2026-34500

CLIENTCERT authentication does not fail as expected for some scenarios when soft fail is disabled and FFM is used in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M14 through 11.0.20, from 10.1.22 through 10.1.53, from 9.0.92 through 9.0.116. Users are recommended to upgrade to...

6.5CVSS5.8AI score0.00469EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2025/10/24 12:0 a.m.6 views

Oracle Siebel Server is prior to 25.10 (October 2025 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through...

8.4CVSS7.3AI score0.53228EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2018-19720

Malware in sbrugna...

7.4CVSS7.5AI score0.04068EPSS
Exploits0References13
Tenable Nessus
Tenable Nessusadded 2025/08/15 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-49125

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using PreResources or PostResources mounted other than at the root...

7.5CVSS7.1AI score0.03163EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2025/06/17 2:18 a.m.3 views

SUSE CVE-2025-49125

Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using PreResources or PostResources mounted other than at the root of the web application, it was possible to access those resources via an unexpected path. That path was likely not to be protected by th...

7.4CVSS7.6AI score0.03163EPSS
Exploits0References12
OSV
OSVadded 2025/06/16 3:15 p.m.2 views

DEBIAN-CVE-2025-49125

Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using PreResources or PostResources mounted other than at the root of the web application, it was possible to access those resources via an unexpected path. That path was likely not to be protected by th...

7.5CVSS8AI score0.03163EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2013/06/24 12:0 a.m.82 views

JBoss Enterprise Application Platform 6.1.0 Update (RHSA-2013:0833)

The version of JBoss Enterprise Application Platform 6.0.1 running on the remote system is vulnerable to the following issues: - A man-in-the-middle attack is possible when applications running on JBoss Web use the COOKIE session tracking method. The flaw is in the...

6.8CVSS6.6AI score0.35584EPSS
Exploits3References15
RedHat Linux
RedHat Linuxadded 2009/10/14 4:15 p.m.6 views

tomcat6 Information disclosure in authentication classes

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /jsecuritycheck with malformed URL encoding of passwords, related to improper error checking in the 1...

4.3CVSS6.1AI score0.9444EPSS
Exploits4References4
Rows per page
Query Builder