Lucene search
K

24 matches found

OpenVAS
OpenVAS
added 2025/02/21 12:0 a.m.35 views

Ubuntu: Security Advisory (USN-7282-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.4AI score0.99988EPSS
Exploits27References4
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.36 views

RHEL 7 : tomcat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tomcat: Information Disclosure when using VirtualDirContext CVE-2017-12616 - When using the RemoteIpFilte...

7.5CVSS7.3AI score0.708EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.49 views

RHEL 6 : tomcat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tomcat: request mixup CVE-2022-25762 - When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 ...

8.5AI score0.73139EPSS
Exploits28References15
Amazon
Amazon
added 2023/05/03 12:0 a.m.63 views

Important: tomcat7

Issue Overview: 2023-05-11: CVE-2017-12616 was added to this advisory. When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted...

7.5CVSS7.4AI score0.708EPSS
Exploits5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.37 views

Mageia: Security Advisory (MGASA-2017-0352)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.708EPSS
Exploits4References8
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.40 views

SUSE: Security Advisory (SUSE-SU-2017:3059-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.2AI score0.99988EPSS
Exploits39References11
RedhatCVE
RedhatCVE
added 2019/10/08 3:55 a.m.47 views

CVE-2017-12616

When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request...

7.5CVSS2.4AI score0.708EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2018/07/09 12:0 a.m.52 views

Debian: Security Advisory (DLA-1400-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.708EPSS
Exploits6References3
Debian
Debian
added 2018/06/27 8:56 p.m.65 views

[SECURITY] [DLA 1400-1] tomcat7 security update

Package : tomcat7 Version : 7.0.56-3+really7.0.88-1 CVE ID : CVE-2017-7674 CVE-2017-12616 CVE-2018-1304 CVE-2018-1305 CVE-2018-8014 Debian Bug : 802312 898935 Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2017-7674 The CORS Filter in Apache Tomcat...

9.8CVSS8.2AI score0.708EPSS
Exploits6
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:23 a.m.48 views

Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Insight (CVE-2017-12615, CVE-2017-12616, CVE-2017-12617)

Summary Jazz Reporting Service is shipped as a component of Rational Insight. Information about multiple security vulnerabilities affecting Jazz Reporting Service has been published in a security bulletin. Vulnerability Details CVEID: CVE-2017-12617 DESCRIPTION: Apache Tomcat could allow a remote...

8.1CVSS0.8AI score0.99988EPSS
Exploits39Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:23 a.m.64 views

Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Reporting for Development Intelligence (CVE-2017-12615, CVE-2017-12616, CVE-2017-12617)

Summary Jazz Reporting Service is shipped as a component of Rational Reporting for Development Intelligence RRDI. Information about multiple security vulnerabilities affecting Jazz Reporting Service has been published in a security bulletin. Vulnerability Details CVEID: CVE-2017-12617 DESCRIPTION...

8.1CVSS0.9AI score0.99988EPSS
Exploits39Affected Software1
OpenVAS
OpenVAS
added 2018/06/05 12:0 a.m.66 views

Ubuntu: Security Advisory (USN-3665-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.99988EPSS
Exploits29References4
Ubuntu
Ubuntu
added 2018/05/30 5:47 p.m.153 views

USN-3665-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled being configured with HTTP PUTs enabled. A remote attacker could use this issue to upload a JSP file to the server and execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 17.10. CVE-2017-12616,...

9.8CVSS7.5AI score0.99988EPSS
Exploits29
RedHat Linux
RedHat Linux
added 2018/03/09 12:19 p.m.24 views

CVE-2017-12616

No description provided...

7.1AI score0.708EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2018/03/08 12:0 a.m.193 views

RHEL 6 / 7 : Red Hat JBoss Web Server 3.1.0 Service Pack 2 (RHSA-2018:0466)

An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

8.1CVSS7.1AI score0.99988EPSS
Exploits41References16
RedHat Linux
RedHat Linux
added 2018/03/07 3:21 p.m.155 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 2 security update

An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

8.1CVSS7.1AI score0.99988EPSS
Exploits41References9
RedHat Linux
RedHat Linux
added 2018/03/07 3:9 p.m.137 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 2 security update

An update is now available for Red Hat JBoss Web Server 3.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...

8.1CVSS7.1AI score0.99988EPSS
Exploits41References12
Check Point Advisories
Check Point Advisories
added 2017/10/02 12:0 a.m.22 views

Apache Tomcat VirtualDirContext Information Disclosure (CVE-2017-12616)

An information disclosure vulnerability exists in Apache Tomcat. By crafting a malicious request an attacker may view the source code of jsp files for resources...

5CVSS1.8AI score0.708EPSS
Exploits4
seebug.org
seebug.org
added 2017/09/21 12:0 a.m.196 views

Tomcat information disclosure Vulnerability(CVE-2017-12616 )analysis

Several recent Tomcat CVE CVE-2017-5664 Tomcat Security Constraint Bypass CVE-2017-12615 remote code execution vulnerability CVE-2017-12616 information disclosure vulnerability Common Is tasteless With JspServlet and DefaultServlet about the system. CVE-2017-12615 this remote code execution are...

6.8CVSS8.5AI score0.99607EPSS
Exploits20
CVE
CVE
added 2017/09/19 1:0 p.m.323 views

CVE-2017-12616

CVE-2017-12616 affects Apache Tomcat 7.0.0–7.0.80 with VirtualDirContext, enabling bypass of security constraints and viewing JSP source via a crafted request. Affected products/versions are documented in multiple advisories; remediation is to upgrade to a newer Tomcat 7.x release (e.g., Debian/R...

7.5CVSS5.8AI score0.708EPSS
In wildExploits4References14Affected Software1
Rows per page
Query Builder