Apache Tomcat 7.0.0 < 7.0.73 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 7.0.73. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat7.0.73security-7 advisory. - Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before...

Apache Tomcat 8.0.0.RC1 < 8.0.39 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 8.0.39. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat8.0.39security-8 advisory. - Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before...

CVE-2016-8735

creationtimestamp| type| source ---|---|--- 2023-05-16 15:47:20+00:00| seen| https://t.me/theninjaway1337/1371 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-12-24 20:34:21+00:00| seen| https://feedsin.space/feed/CISAKevBot/items/2971811 2025-02-06 02:41:39+00:00|...

VulnCheck KEV: CVE-2016-8735

Apache Tomcat contains an unspecified vulnerability that allows for remote code execution if JmxRemoteLifecycleListener is used and an attacker can reach Java Management Extension JMX ports. This CVE exists because this listener wasn't updated for consistency with the Oracle patched issues...

K49820145: Apache Tomcat vulnerability CVE-2016-8735

Security Advisory Description Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener...

org.eclipse.che.lib:che-tomcat8-slf4j-logback (>=6.10.0 <=7.2.0), org.eclipse.che:assembly-main (>=6.10.0 <=7.2.0) +2 more potentially affected by CVE-2016-8735 via org.apache.tomcat:tomcat-catalina-jmx-remote (>=8.5.23 <=8.5.46)

org.apache.tomcat:tomcat-catalina-jmx-remote MAVEN version =8.5.23, =6.10.0, =6.10.0, =6.10.0, =12.0, =12.7 Source cves: CVE-2016-8735 Source advisory: OSV:GHSA-CW54-59PW-4G8C...

Mageia: Security Advisory (MGASA-2016-0417)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1660-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-4557-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4557-1: Tomcat vulnerabilities

It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn't exist. A remote attacker could possibly use this issue to enumerate usernames. CVE-2016-0762 Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly limited use of a certain...

Apache Tomcat Remote Code Execution (CVE-2016-8735)

A remote code execution vulnerability exists in Apache Tomcat. Successful exploitation of this vulnerability could result in execution of arbitrary code on the affected system...

Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities (CVE-2016-8735, CVE-2016-6816)

Summary There are vulnerabilities CVE-2016-8735, CVE-2016-6816 reported in Apache Tomcat v6 that is used by WebSphere Cast Iron Solution. WebSphere Cast Iron has remediated the affected versions. Vulnerability Details CVEID: CVE-2016-8735 DESCRIPTION: Apache Tomcat could allow a remote attacker t...

Security Bulletin: Open Source Apache Tomcat Vulnerabilities (CVE-2016-6817, CVE-2016-8735, CVE-2016-6816)

Summary Issues with Apache Tomcat Vulnerabilities have been addressed. Vulnerability Details CVEID: CVE-2016-6817 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service. By sending a specially crafted HTTP/2 header, a remote attacker could exploit this vulnerability to cause the...

Security Bulletin: Security vulnerabilities in Apache Tomcat affect Rational Insight (CVE-2016-6816, CVE-2016-8735)

Summary The Rational Insight is shipped with a version of the Apache Tomcat web server which contains security vulnerabilities that could have a potential security impact. Vulnerability Details CVEID: CVE-2016-6816 DESCRIPTION: Apache Tomcat is vulnerable to HTTP response splitting attacks, cause...

Security Bulletin: Security vulnerabilities in Apache Tomcat affect Rational Reporting for Development Intelligence (CVE-2016-6816, CVE-2016-8735)

Summary The Rational Reporting for Development Intelligence RRDI is shipped with a version of the Apache Tomcat web server which contains security vulnerabilities that could have a potential security impact. Vulnerability Details CVEID: CVE-2016-6816 DESCRIPTION: Apache Tomcat is vulnerable to HT...

Oracle Database Multiple Vulnerabilities (October 2017 CPU)

The remote Oracle Database Server is missing the October 2017 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities as noted in the October 2017 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note tha...

SUSE-SU-2017:1660-1 Security update for tomcat

Tomcat was updated to version 7.0.78, fixing various bugs and security issues. For full details see https://tomcat.apache.org/tomcat-7.0-doc/changelog.html Security issues fixed: - CVE-2016-0762: A realm timing attack in tomcat was fixed which could disclose existence of users bsc1007854 -...

CVE-2016-8735

Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency...

CVE-2016-8735

Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency...

CVE-2016-8735

Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency...