Lucene search
K

74 matches found

Nuclei
Nuclei
added 2026/06/28 3:8 p.m.319 views

Apache Tomcat - Remote Code Execution

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled e.g. via setting the readonly initialisation parameter of the Default servlet to false it was possible to upload a JSP file to the server via a specially crafted...

8.1CVSS7.1AI score0.99988EPSS
Exploits23References5
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.27 views

Linux Distros Unpatched Vulnerability : CVE-2017-12617

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled e.g. via setting the...

8.1CVSS7.6AI score0.99988EPSS
Exploits23References3
OpenVAS
OpenVAS
added 2025/02/21 12:0 a.m.35 views

Ubuntu: Security Advisory (USN-7282-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.4AI score0.99988EPSS
Exploits27References4
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.29 views

RHEL 5 : tomcat5 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tomcat: security manager bypass via IntrospectHelper utility function CVE-2016-5018 - tomcat: Remote Code...

9.1CVSS8.1AI score0.99988EPSS
Exploits57References11
Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.40 views

RHEL 5 : Red Hat JBoss Enterprise Application Platform 6.4.19 (RHSA-2018:0271)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0271 advisory. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red...

8.1CVSS7.7AI score0.99988EPSS
Exploits28References11
F5 Networks
F5 Networks
added 2023/02/21 6:34 p.m.205 views

K53173544: Apache Tomcat vulnerability CVE-2017-12617

Security Advisory Description When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled e.g. via setting the readonly initialisation parameter of the Default servlet to false it was possible to upload a JSP file to the...

8.1CVSS8.3AI score0.99988EPSS
Exploits23
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/01 4:38 p.m.87 views

Security Bulletin: Cloud Pak for Security contains packages that have multiple vulnerabilities

Summary Cloud Pak for Security v1.9.0.0 and earlier may be vulnerable to multiple CVEs through the use of dependency packages. These have been updated in the latest release and vulnerabilities have neen addressed. Please follow the instructions in the Remediation/Fixes section below to update to...

10CVSS10.3AI score0.99988EPSS
Exploits109Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.45 views

Mageia: Security Advisory (MGASA-2017-0400)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.5AI score0.99988EPSS
Exploits23References7
GithubExploit
GithubExploit
added 2021/12/10 10:21 p.m.7 views

Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat

CVE-2017-12617 CVE-2017-12617 is a critical vulnerability lea...

8.1CVSS7.6AI score0.99988EPSS
Exploits23
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.49 views

SUSE: Security Advisory (SUSE-SU-2021:14705-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.2AI score0.99988EPSS
Exploits38References8
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.40 views

SUSE: Security Advisory (SUSE-SU-2017:3059-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.2AI score0.99988EPSS
Exploits39References11
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.38 views

SUSE: Security Advisory (SUSE-SU-2017:3039-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.2AI score0.99988EPSS
Exploits24References10
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.49 views

SUSE: Security Advisory (SUSE-SU-2017:3279-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.2AI score0.99988EPSS
Exploits24References11
Openbugbounty
Openbugbounty
added 2020/06/23 1:45 p.m.8 views

jomitech.com Cross Site Scripting vulnerability OBB-1204874

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

0.7AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/23 8:41 p.m.56 views

Security Bulletin: WebSphere Message Broker and IBM Integration Bus is affected by Open Source Apache Tomcat Vulnerabilities (CVE-2017-12617,CVE-2017-12615)

Summary WebSphere Message Broker and IBM Integraton Bus have addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2017-12617 DESCRIPTION: Apache Tomcat could allow a remote attacker to execute arbitrary code on the system, caused by an incomplete fix related to an error when...

8.1CVSS1.2AI score0.99988EPSS
Exploits37Affected Software2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.56 views

Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2017-1261)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.4AI score0.99988EPSS
Exploits37References4
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.56 views

Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2017-1262)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.4AI score0.99988EPSS
Exploits37References4
Tenable Nessus
Tenable Nessus
added 2018/11/27 12:0 a.m.48 views

Virtuozzo 6 : tomcat6 / tomcat6-admin-webapps / etc (VZLSA-2017-3080)

An update for tomcat6 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.1CVSS7.8AI score0.99988EPSS
Exploits37References6
RedHat Linux
RedHat Linux
added 2018/10/17 7:28 p.m.205 views

Critical: Red Hat Security Advisory: Red Hat FIS 2.0 on Fuse 6.3.0 R8 security and bug fix update

An update is now available for Red Hat Fuse Integration Services. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

9.8CVSS7.7AI score0.99988EPSS
Exploits54References10
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:23 a.m.62 views

Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Reporting for Development Intelligence (CVE-2017-12615, CVE-2017-12616, CVE-2017-12617)

Summary Jazz Reporting Service is shipped as a component of Rational Reporting for Development Intelligence RRDI. Information about multiple security vulnerabilities affecting Jazz Reporting Service has been published in a security bulletin. Vulnerability Details CVEID: CVE-2017-12617 DESCRIPTION...

8.1CVSS0.9AI score0.99988EPSS
Exploits39Affected Software1
Rows per page
Query Builder