17 matches found
com.github.psi-probe:psi-probe-tomcat10 (>=5.0.0 <=5.3.0), com.github.psi-probe:psi-probe-tomcat11 (>=5.0.0 <=5.3.0) +5 more potentially affected by CVE-2026-3270 via com.github.psi-probe:psi-probe-core (>=3.0.0 <=5.3.0)
com.github.psi-probe:psi-probe-core MAVEN version =3.0.0, =5.0.0, =5.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.3.0 Source cves: CVE-2026-3270 Source advisory: SNYK:JAVA-COMGITHUBPSIPROBE-15369739...
com.github.psi-probe:psi-probe-tomcat10 (>=5.0.0 <=5.3.0), com.github.psi-probe:psi-probe-tomcat11 (>=5.0.0 <=5.3.0) +5 more potentially affected by CVE-2026-3269 via com.github.psi-probe:psi-probe-core (>=3.0.0 <=5.3.0)
com.github.psi-probe:psi-probe-core MAVEN version =3.0.0, =5.0.0, =5.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.3.0 Source cves: CVE-2026-3269 Source advisory: SNYK:JAVA-COMGITHUBPSIPROBE-15369738...
com.github.psi-probe:psi-probe-tomcat10 (>=5.0.0 <=5.3.0), com.github.psi-probe:psi-probe-tomcat11 (>=5.0.0 <=5.3.0) +5 more potentially affected by CVE-2026-3269 via com.github.psi-probe:psi-probe-core (>=3.0.0 <=5.3.0)
com.github.psi-probe:psi-probe-core MAVEN version =3.0.0, =5.0.0, =5.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.3.0 Source cves: CVE-2026-3269 Source advisory: OSV:GHSA-RX6W-2W6H-R346...
com.github.psi-probe:psi-probe-tomcat10 (>=5.0.0 <=5.3.0), com.github.psi-probe:psi-probe-tomcat11 (>=5.0.0 <=5.3.0) +5 more potentially affected by CVE-2026-3270 via com.github.psi-probe:psi-probe-core (>=3.0.0 <=5.3.0)
com.github.psi-probe:psi-probe-core MAVEN version =3.0.0, =5.0.0, =5.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.3.0 Source cves: CVE-2026-3270 Source advisory: OSV:GHSA-429M-9874-RX9W...
Linux Distros Unpatched Vulnerability : CVE-2016-9775
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The postrm script in the tomcat6 package before 6.0.45+dfsg-1deb7u3 on Debian wheezy, before 6.0.45+dfsg-1deb8u1 on Debian jessie, before 6.0.35-1ubuntu3.9 on...
Linux Distros Unpatched Vulnerability : CVE-2016-9774
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The postinst script in the tomcat6 package before 6.0.45+dfsg-1deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; th...
USN-7032-1 tomcat8, tomcat9 vulnerability
It was discovered that Tomcat incorrectly handled HTTP trailer headers. A remote attacker could possibly use this issue to perform HTTP request smuggling...
USN-6943-1 tomcat8, tomcat9 vulnerabilities
It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore configurations. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected tomcat8 for Ubuntu 18.04 LTS. (CVE-2020-9484) It was discovered that Tomcat...
The vulnerability in the web interface for controlling the Cisco HyperFlex data platform allows an attacker to execute arbitrary commands on the target system with user-level privileges on the Tomcat8 server.
The vulnerability of the Cisco HyperFlex data platform’s web management interface relates to the lack of measures taken to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on the target system with...
CVE-2021-1499
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device. This vulnerability is due to missing authentication for the upload function. An attacker could exploit this vulnerabilit...
tomcat: specially crafted sequence of HTTP/2 requests can lead to DoS
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become...
PT-2020-4410
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 7.0.27 through 7.0.104; Apache Tomcat versions 8.5.0 through 8.5.56; Apache Tomcat versions 9.0.0.M1 through 9.0.36; Apache Tomcat versions 10.0.0-M1 through 10.0.0-M6. Description: The issue is related to the execution of ...
tomcat: HTTP/2 connection window exhaustion on write, incomplete fix of CVE-2019-0199
The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40. By not sending WINDOW_UPDATE messages for the connection window (stream 0), clients were able to cause server-side threads to...
USN-4128-1 tomcat8 vulnerabilities
It was discovered that the Tomcat 8 SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform an XSS attack. (CVE-2019-0221) It was discovered that Tomcat 8 did not address HTTP/2 connection window exhaustion on write while addressing...
USN-3787-1 tomcat7, tomcat8 vulnerability
It was discovered that Tomcat incorrectly handled returning redirects to a directory. A remote attacker could possibly use this issue with a specially crafted URL to redirect to arbitrary URIs...
USN-3723-1 tomcat7, tomcat8 vulnerabilities
It was discovered that Tomcat incorrectly handled decoding certain UTF-8 strings. A remote attacker could possibly use this issue to cause Tomcat to crash, resulting in a denial of service. (CVE-2018-1336) It was discovered that the Tomcat WebSocket client incorrectly performed hostname verificatio...
PT-2016-6402 · Apache +5 · Apache Tomcat +5
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 7.0.0 through 7.0.70; Apache Tomcat versions 8.0.0 through 8.5.4. Description: The issue allows remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header i...