
8 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 4 views

Astra Linux - vulnerability in tomcat9

The simplified implementation of blocking reads and writes introduced in Tomcat 10, and backported to Tomcat 9.0.47 and later versions, exposed a long-standing but extremely difficult to trigger concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60, and...

CVSS 3.7 | AI score 6.8 | EPSS 0.00203
Exploits: 0 | References: 1
Fedora
added 2025/05/11 1:16 a.m., 13 views

[SECURITY] Fedora 42 Update: nodejs22-22.15.0-2.fc42

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed...

CVSS 8.3 | AI score 6.5 | EPSS 0.00651
Exploits: 0
Amazon
added 2023/09/25 12:0 a.m., 7 views

Important: tomcat

Issue Overview: A privilege escalation flaw was found in Tomcat when the JMX Remote Lifecycle Listener was enabled. A local attacker without access to the Tomcat process or configuration files could be able to manipulate the RMI registry to perform a man-in-the-middle attack. The attacker could...

CVSS 7.5 | AI score 6.9 | EPSS 0.92155
Exploits: 2
RedHat Linux
added 2022/11/02 10:45 a.m., 4 views

Tomcat: Information disclosure

The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing but extremely hard to trigger concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 tha...

CVSS 3.7 | AI score 6.8 | EPSS 0.00203
Exploits: 0 | References: 4
CNNVD
added 2022/09/28 12:0 a.m., 1 view

Apache Tomcat race condition vulnerability

Apache Tomcat is a lightweight web application server from the Apache Foundation (United States). The program implements support for Servlets and JavaServer Pages (JSP). A security vulnerability exists in Apache Tomcat, which stems from a simplified implementation of blocking reads and writes, wi...

CVSS 3.7 | AI score 7 | EPSS 0.00203
Exploits: 0 | References: 13
OSV
added 2021/09/16 3:15 p.m., 0 views

UBUNTU-CVE-2021-41079

Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service...

CVSS 7.5 | AI score 6.9 | EPSS 0.00103
Exploits: 0 | References: 7
OSV
added 2021/07/12 3:15 p.m., 1 view

UBUNTU-CVE-2021-30639

A vulnerability in Apache Tomcat allows an attacker to remotely trigger a denial of service. An error introduced as part of a change to improve error handling during non-blocking I/O meant that the error flag associated with the Request object was not reset between requests. This meant that once ...

CVSS 7.5 | AI score 6.9 | EPSS 0.00422
Exploits: 0 | References: 8
OSV
added 2020/06/15 6:51 p.m., 3 views

GHSA-QCXH-W3J9-58QR Apache Tomcat Denial of Service vulnerability

The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servle...

CVSS 7.5 | AI score 7.1 | EPSS 0.65581
Exploits: 0 | References: 59