PHP 8.5.x < 8.5.1 Multiple Vulnerabilities - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

Grafana 8.5.x < 8.5.21 Multiple Vulnerabilities

According to its self-reported version, the Grafana install hosted on the remote host is 8.5.x earlier than 8.5.21, or 9.2.x earlier than 9.2.13, or 9.3.x earlier than 9.3.8. It is, therefore, affected by multiple vulnerabilities: - A Cross-site Scripting vulnerability. - A Cross-site Scripting...

KLA52554 SB vulnerability in Apache Tomcat

Security vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories Fixed in Apache Tomcat 8.5.93 Fixed in Apache Tomcat 9.0.80 Fixed in Apache Tomcat 8.5.93 Fixed in Apache Tomcat 10.1.13 Exploitation Malware exis...

CVE-2021-27653

Misconfiguration of the Pega Chat Access Group portal in Pega platform 7.4.0 - 8.5.x could lead to unintended data exposure...

CVE-2019-5317

A local authentication bypass vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.15 and below; Aruba Instant 8.3.x: 8.3.0.11 and below; Aruba Instant 8.4.x: 8.4.0.5 and below; Aruba...

Apache Tomcat 8.5.x < 8.5.60 Information Disclosure

The version of Apache Tomcat installed on the remote host is 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 or 7.0.0 to 7.0.106. It is, therefore, affected by a vulnerability. Apache Tomcat could re-use an HTTP request header value from the previous stream received on an HTTP/2...

IBM WebSphere Application Server 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 SSRF (CVE-2019-17566)

The IBM WebSphere Application Server running on the remote host is version 8.0.0.0 through 8.0.0.15, 8.5.0.x prior to 8.5.5.18, or 9.0.x prior to 9.0.5.5. It is, therefore, affected by a server-side request forgery vulnerability due to improper input validation by the xlink:href attributes. An...

IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x < 9.0.0.8 Information Disclosure (CVE-2012-5783)

The IBM WebSphere Application Server running on the remote host is version 7.0.0.x through 7.0.0.45, 8.0.0.x through 8.0.0.15, 8.5.0.x prior to 8.5.5.14 or 9.0.x prior to 9.0.0.8. It is, therefore, affected by an information disclosure vulnerability in the Apache Commons HttpClient subcomponent d...

IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.3 Command Execution (CVE-2020-4163)

The IBM WebSphere Application Server running on the remote host is version 7.0.0.0 through 7.0.0.45, 8.0.0.0 through 8.0.0.15, 8.5.0.x prior to 8.5.5.17, or 9.0.x prior to 9.0.5.3. It is, therefore, affected by a command execution vulnerability. An authenticated, remote attacker can exploit this ...

IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.2 / Liberty < 19.0.0.11 Information Disclosure (CVE-2019-4441)

The IBM WebSphere Application Server running on the remote host is version 7.0.0.0 through 7.0.0.45, 8.0.0.0 through 8.0.0.15, 8.5.0.x prior to 8.5.5.17, or 9.0.x prior to 9.0.5.2, or Liberty prior to 19.0.0.11. It is, therefore, affected by an information disclosure vulnerability. An...

IBM WebSphere Application Server 7.0.x / 8.0.0.x / 8.5.x < 8.5.5.17 / 9.0.0.x < 9.0.5.2 Directory Traversal Vulnerability

The IBM WebSphere Application Server running on the remote host is version 7.0.x, 8.0.0.x, 8.5.0.x prior to 8.5.5.17, or 9.0.0.x prior to 9.0.5.2. It is therefore, affected by a directory traversal vulnerability in the Admin Console. A authenticated, remote attacker can exploit this by sending a...

IBM WebSphere Application Server 7.0.x / 8.0.0.x / 8.5.x < 8.5.5.17 / 9.0.0.x < 9.0.5.2 Information Disclosure (CVE-2019-4477)

The IBM WebSphere Application Server running on the remote host is version 7.0.x, 8.0.0.x, 8.5.0.x prior to 8.5.5.17, or 9.0.0.x prior to 9.0.5.2. It is, therefore, affected by an information disclosure vulnerability. An authenticated remote attacker can exploit this by leveraging improper handli...

TYPO3 8.5.x <= 8.7.26 and 9.x.x <= 9.5.7 Security Misconfiguration Vulnerability

TYPO3 CMS is susceptible to a security misconfiguration vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.16 / 9.0.0.x < 9.0.0.11 Admin Console Denial of Service (DoS) Vulnerability (CVE-2019-4080)

The IBM WebSphere Application Server running on the remote host is version 7.0.0.0 through 7.0.0.45, 8.0.0.0 through 8.0.0.15, 8.5.x prior to 8.5.5.16, or 9.0.0.x prior to 9.0.0.11. It is, therefore, affected by a denial of service DoS vulnerability in the Admin Console. A remote, authenticated...

Immunity Canvas: DRUPAL_SERVICES_RCE

Name| drupalservicesrce ---|--- CVE| CVE-2019-6340 Exploit Pack| CANVAS Description| CVE-2019-6340 Notes| CVE Name: CVE-2019-6340 VENDOR: Drupal NOTES: An unauthenticated unserialization bug can be exploited on the RESTful Web Services module on the Drupal core for the following versions: 7.X...

Apache Tomcat 7.0.x < 7.0.76 / 8.0.x < 8.0.42 / 8.5.x < 8.5.12 / 9.0.0.x < 9.0.0.M18 Information Disclosure

Binary data 700056.prm...

Apache Tomcat 8.5.7 < 8.5.11 / 9.0.0.M11 < 9.0.0.M17 nextRequest Information Disclosure

Binary data 700007.pasl...

Apache Tomcat 8.5.x < 8.5.9 / 9.x < 9.0.0.M15 NIO HTTP Connector Information Disclosure

Binary data 9909.pasl...

IBM INotes and Domino Cross-site Scripting Vulnerability (Nov 2016)

IBM Domino is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:lotusdomino";...

IBM Domino 8.5.x < 8.5.3 Fix Pack 6 Interim Fix 13 Multiple Vulnerabilities

According to its banner, the version of IBM Domino formerly IBM Lotus Domino running on the remote host is 8.5.x prior to 8.5.3 Fix Pack 6 FP6 Interim Fix 13 IF13. It is, therefore, affected by the following vulnerabilities : - Multiple heap-based buffer overflow conditions exist in the KeyView P...