Lucene search
+L

1266 matches found

CVE
CVE
added 2026/07/09 12:0 a.m.10 views

CVE-2026-31267

Mercusys MW302R MW302R(EU)_V1_1.4.10 Build 231023 is affected by a stack-based buffer overflow in the administrative web interface. The flaw permits an authenticated, admin-privileged attacker to crash the system by sending a specially crafted request, yielding denial of service through control-f...

5.7CVSS6.2AI score0.00198EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/07 3:25 p.m.5 views

Always-Incorrect Control Flow Implementation

Overview Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation in the checksdpcrypto function due to an inverted boolean condition. An attacker can weaken the binding between DTLS certificates and SDP by intercepting and modifying WebRTC signaling...

6.3CVSS6.1AI score0.0015EPSS
Exploits0References2
OSV
OSV
added 2026/07/06 4:18 p.m.7 views

BIT-TOMCAT-2026-55276 Apache Tomcat: Logged effective web.xml is incomplete

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0 through 11.0.22, from 10.1.0 through 10.1.55, from 9.0.0...

9.1CVSS6AI score0.00368EPSS
Exploits0References3
OSV
OSV
added 2026/07/06 4:18 p.m.6 views

BIT-TOMCAT-2026-53404 Apache Tomcat: Bad ornext processing in RewriteValve

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0 through 11.0.22, from 10.1.0 through 10.1.55, from 9.0.0...

7.3CVSS5.9AI score0.00413EPSS
Exploits0References3
Redos
Redos
added 2026/07/02 12:0 a.m.5 views

ROS-20260702-73-0033

The vulnerability in the kernel-lt is related to the implementation of an incorrect control flow. Exploiting this vulnerability can allow an attacker to cause a service failure...

6AI score0.00173EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/07/01 3:15 a.m.6 views

SUSE CVE-2026-55276

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

3.3CVSS6AI score0.00368EPSS
Exploits0References3
Redos
Redos
added 2026/07/01 12:0 a.m.5 views

ROS-20260701-73-0042

The vulnerability in the kernel-lt is related to the implementation of an incorrect control flow. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.6AI score0.00225EPSS
Exploits0
Redos
Redos
added 2026/06/30 12:0 a.m.8 views

ROS-20260630-73-0040

The vulnerability in the kernel-lt is related to the implementation of an incorrect control flow. Exploiting this vulnerability can allow an attacker to cause a service failure...

6AI score0.00171EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.10 views

Apache Tomcat 9.0.0.M1 < 9.0.119 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 9.0.119. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat9.0.119security-9 advisory. - Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles...

9.1CVSS6.1AI score0.02569EPSS
Exploits1References13
Snyk
Snyk
added 2026/06/29 10:23 p.m.6 views

Always-Incorrect Control Flow Implementation

Overview org.apache.tomcat:tomcat is an implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies. Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation due to incorrect control flow in the RewriteValv...

7.3CVSS5.8AI score0.00413EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/29 10:23 p.m.5 views

Always-Incorrect Control Flow Implementation

Overview org.apache.tomcat:tomcat-catalina is a Tomcat Servlet Engine Core Classes and Standard implementations. Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation due to incorrect control flow in the RewriteValve process. An attacker can bypass...

7.3CVSS5.8AI score0.00413EPSS
Exploits0References2
NVD
NVD
added 2026/06/29 9:16 p.m.9 views

CVE-2026-55276

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

9.1CVSS0.00368EPSS
Exploits0References2
NVD
NVD
added 2026/06/29 9:16 p.m.22 views

CVE-2026-53404

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

7.3CVSS0.00413EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 9:16 p.m.8 views

DEBIAN-CVE-2026-53404

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

7.3CVSS5.7AI score0.00413EPSS
Exploits0References1
OSV
OSV
added 2026/06/29 9:16 p.m.6 views

UBUNTU-CVE-2026-53404

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

7.3CVSS5.7AI score0.00413EPSS
Exploits0References8
OSV
OSV
added 2026/06/29 9:16 p.m.6 views

UBUNTU-CVE-2026-55276

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

9.1CVSS5.7AI score0.00368EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/06/29 8:42 p.m.52 views

CVE-2026-55276 Apache Tomcat: Logged effective web.xml is incomplete

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

0.00368EPSS
Exploits0References1
CVE
CVE
added 2026/06/29 8:42 p.m.92 views

CVE-2026-55276

Apache Tomcat vulnerability CVE-2026-55276 is a logging-only issue caused by an always-incorrect control flow in the effective web.xml, leading to special roles and empty authorization constraints not being shown. Affected products include Tomcat 8.5.0–8.5.100, 9.0.0.M1–9.0.118, 10.1.0-M1–10.1.55...

9.1CVSS5.7AI score0.00368EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/29 8:39 p.m.54 views

CVE-2026-53404 Apache Tomcat: Bad ornext processing in RewriteValve

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

0.00413EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/29 8:39 p.m.6 views

CVE-2026-53404

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

5.7AI score0.00413EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder