Lucene search
+L

43 matches found

SUSE CVE
SUSE CVE
added 2026/07/01 3:15 a.m.6 views

SUSE CVE-2026-55955

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

4.2CVSS5.9AI score0.0028EPSS
Exploits0References3
OSV
OSV
added 2026/06/29 9:16 p.m.5 views

DEBIAN-CVE-2026-55955

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

6.5CVSS5.7AI score0.0028EPSS
Exploits0References1
NVD
NVD
added 2026/06/29 9:16 p.m.11 views

CVE-2026-55955

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

6.5CVSS0.0028EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 9:16 p.m.3 views

UBUNTU-CVE-2026-55955

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

6.5CVSS5.7AI score0.0028EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/29 8:44 p.m.5 views

CVE-2026-55955

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

5.7AI score0.0028EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/29 8:44 p.m.79 views

CVE-2026-55955

CVE-2026-55955 describes an improper authentication flaw in Apache Tomcat’s EncryptionInterceptor for Tribes clustering, allowing a replay attack. Affected versions include Tomcat 11.0.0-M1–11.0.22, 10.1.0-M1–10.1.55, 9.0.13–9.0.18, 8.5.38–8.5.100, and 7.0.100–7.0.109. Remediation is to upgrade t...

6.5CVSS5.7AI score0.0028EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/29 8:44 p.m.56 views

CVE-2026-55955 Apache Tomcat: EncryptInterceptor not protected against replay attacks

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

0.0028EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/29 8:44 p.m.6 views

CVE-2026-55955

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

6.5CVSS5.7AI score0.0028EPSS
Exploits0
OSV
OSV
added 2026/06/29 8:44 p.m.4 views

CVE-2026-55955 Apache Tomcat: EncryptInterceptor not protected against replay attacks

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

6.5CVSS5.9AI score0.0028EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/29 9:2 a.m.2 views

tomcat: Apache Tomcat: Replay attack via improper authentication in EncryptionInterceptor

A flaw was found in Apache Tomcat. An improper authentication vulnerability in the EncryptionInterceptor component allows a remote attacker to perform a replay attack. This could lead to unauthorized access or manipulation of data within the cluster component...

6.5CVSS6AI score0.0028EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.11 views

PT-2026-53744

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.22 Apache Tomcat versions 10.1.0-M1 through 10.1.55 Apache Tomcat versions 9.0.13 through 9.0.18 Apache Tomcat versions 8.5.38 through 8.5.100 Apache Tomcat versions 7.0.100 through 7.0.109...

6.5CVSS5.8AI score0.0028EPSS
Exploits0References37
RedHat Linux
RedHat Linux
added 2026/06/24 5:15 p.m.2 views

tomcat: Apache Tomcat: Replay attack via improper authentication in EncryptionInterceptor

A flaw was found in Apache Tomcat. An improper authentication vulnerability in the EncryptionInterceptor component allows a remote attacker to perform a replay attack. This could lead to unauthorized access or manipulation of data within the cluster component...

6.5CVSS6AI score0.0028EPSS
Exploits0References5
Redos
Redos
added 2026/03/10 12:0 a.m.9 views

ROS-20260310-73-0001

A vulnerability in the Cluster: General component of the MySQL Cluster database management system is related to an access control flaw. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read, modify, add or delete data or cause a denial of service...

5.5CVSS5.8AI score0.00869EPSS
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-37362

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.00372EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/18 12:0 a.m.9 views

Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows attackers to gain full control over the application

Vulnerability of the Cluster component: General database management systems like MySQL Cluster are vulnerable due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to gain full control over the application...

6.8CVSS7.1AI score0.0017EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/18 12:0 a.m.6 views

Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows a hacker to cause a service failure.

Vulnerability of the MySQL Cluster component: General database management systems related to MySQL Cluster are vulnerable to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

6.8CVSS7AI score0.00485EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2025/07/15 12:0 a.m.9 views

PT-2025-29623 · Oracle · Mysql 8.4 +2

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.0 through 8.0.42 Oracle MySQL versions 8.4.0 through 8.4.5 Oracle MySQL versions 9.0.0 through 9.3.0 Description: This issue affects the Cluster component of Oracle MySQL. A highly privileged attacker with logon acce...

6.8CVSS6.9AI score0.0017EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2025/05/09 12:0 a.m.7 views

The vulnerability of the pg-cluster component of the BIG-IP Next Central Manage application programming interface allows a attacker to disclose protected information.

The vulnerability of the pg-cluster component of the BIG-IP Next Central Manage application programming interface is related to the disclosure of information through registration files. Exploiting this vulnerability can allow an attacker to disclose the protected information...

4.6CVSS6.2AI score0.00159EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/24 12:0 a.m.6 views

Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows attackers to gain access to read, modify, or delete data.

Vulnerability of the MySQL Cluster component: General database management system vulnerabilities related to MySQL Cluster are associated with insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain read, modify, or delete access to data using the MySQL...

5.5CVSS6.7AI score0.00624EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2024/08/02 4:17 a.m.3 views

CVE-2024-38482

CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional Conditions Vulnerability in Cluster Component. A highly privileged malicious user with remote access could potentially exploit this vulnerability, leading to execute unauthorized actions and retrieve sensitive...

7.2CVSS5.9AI score0.00372EPSS
Exploits0References1
Rows per page
Query Builder