1266 matches found
CVE-2026-31267
Mercusys MW302R MW302R(EU)_V1_1.4.10 Build 231023 is affected by a stack-based buffer overflow in the administrative web interface. The flaw permits an authenticated, admin-privileged attacker to crash the system by sending a specially crafted request, yielding denial of service through control-f...
Always-Incorrect Control Flow Implementation
Overview Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation in the checksdpcrypto function due to an inverted boolean condition. An attacker can weaken the binding between DTLS certificates and SDP by intercepting and modifying WebRTC signaling...
BIT-TOMCAT-2026-55276 Apache Tomcat: Logged effective web.xml is incomplete
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0 through 11.0.22, from 10.1.0 through 10.1.55, from 9.0.0...
BIT-TOMCAT-2026-53404 Apache Tomcat: Bad ornext processing in RewriteValve
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0 through 11.0.22, from 10.1.0 through 10.1.55, from 9.0.0...
ROS-20260702-73-0033
The vulnerability in the kernel-lt is related to the implementation of an incorrect control flow. Exploiting this vulnerability can allow an attacker to cause a service failure...
SUSE CVE-2026-55276
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...
ROS-20260701-73-0042
The vulnerability in the kernel-lt is related to the implementation of an incorrect control flow. Exploiting this vulnerability can allow an attacker to cause a service failure...
ROS-20260630-73-0040
The vulnerability in the kernel-lt is related to the implementation of an incorrect control flow. Exploiting this vulnerability can allow an attacker to cause a service failure...
Apache Tomcat 9.0.0.M1 < 9.0.119 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 9.0.119. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat9.0.119security-9 advisory. - Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles...
Always-Incorrect Control Flow Implementation
Overview org.apache.tomcat:tomcat is an implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies. Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation due to incorrect control flow in the RewriteValv...
Always-Incorrect Control Flow Implementation
Overview org.apache.tomcat:tomcat-catalina is a Tomcat Servlet Engine Core Classes and Standard implementations. Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation due to incorrect control flow in the RewriteValve process. An attacker can bypass...
CVE-2026-55276
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...
CVE-2026-53404
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...
DEBIAN-CVE-2026-53404
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...
UBUNTU-CVE-2026-53404
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...
UBUNTU-CVE-2026-55276
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...
CVE-2026-55276 Apache Tomcat: Logged effective web.xml is incomplete
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...
CVE-2026-55276
Apache Tomcat vulnerability CVE-2026-55276 is a logging-only issue caused by an always-incorrect control flow in the effective web.xml, leading to special roles and empty authorization constraints not being shown. Affected products include Tomcat 8.5.0–8.5.100, 9.0.0.M1–9.0.118, 10.1.0-M1–10.1.55...
CVE-2026-53404 Apache Tomcat: Bad ornext processing in RewriteValve
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...
CVE-2026-53404
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...