Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-49601

Malicious code in bioql PyPI...

5.4CVSS6.3AI score0.00414EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2017/08/09 12:0 a.m.51 views

Oracle Linux 7 : tomcat (ELSA-2017-2247)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-2247 advisory. - Resolves: rhbz1459747 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism - Resolves: rhbz1441481 CVE-2017-5647 tomcat: Incorre...

9.1CVSS6.7AI score0.83175EPSS
Exploits19References6
Oracle linux
Oracle linux
added 2016/11/09 12:0 a.m.53 views

tomcat security, bug fix, and enhancement update

0:7.0.69-10 - Related: rhbz1368122 0:7.0.69-9 - Resolves: rhbz1362213 Tomcat: CGI sets environmental variable based on user supplied Proxy request header - Resolves: rhbz1368122 0:7.0.69-7 - Resolves: rhbz1362545 0:7.0.69-6 - Related: rhbz1201409 Added /etc/sysconfig/tomcat to the systemd unit fo...

8.8CVSS0.6AI score0.35927EPSS
Exploits0
FreeBSD
FreeBSD
added 2016/02/22 12:0 a.m.46 views

tomcat -- multiple vulnerabilities

Mark Thomas reports: CVE-2015-5346 Apache Tomcat Session fixation CVE-2015-5351 Apache Tomcat CSRF token leak CVE-2016-0763 Apache Tomcat Security Manager Bypass...

8.8CVSS7.9AI score0.11297EPSS
Exploits0References3
Apache Tomcat
Apache Tomcat
added 2016/02/08 12:0 a.m.63 views

Fixed in Apache Tomcat 8.0.32

Note: The issues below were fixed in Apache Tomcat 8.0.31 but the release vote for the 8.0.31 release candidate did not pass. Therefore, although users must download 8.0.32 to obtain a version that includes fixes for these issues, version 8.0.31 is not included in the list of affected versions...

8.8CVSS7.7AI score0.13075EPSS
Exploits0Affected Software1
Apache Tomcat
Apache Tomcat
added 2016/01/05 12:0 a.m.59 views

Fixed in Apache Tomcat 9.0.0.M3

Moderate: Security Manager bypass CVE-2016-0763 This issue only affects users running untrusted web applications under a security manager. ResourceLinkFactory.setGlobalContext is a public method and was accessible to web applications even when running under a security manager. This allowed a...

8.8CVSS7.8AI score0.1838EPSS
Exploits0Affected Software1
Rows per page
Query Builder