Lucene search
K

48 matches found

Tenable Nessus
Tenable Nessus
added 2024/05/23 12:0 a.m.68 views

Apache Tomcat 7.0.0 < 7.0.99 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 7.0.99. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat7.0.99security-7 advisory. - When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to...

7.5CVSS7AI score0.10687EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/05/23 12:0 a.m.34 views

Apache Tomcat 9.0.0.M1 < 9.0.29 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 9.0.29. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.29security-9 advisory. - When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote...

7CVSS7AI score0.01221EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.49 views

RHEL 6 : tomcat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tomcat: request mixup CVE-2022-25762 - When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 ...

8.5AI score0.73139EPSS
Exploits28References15
Tenable Nessus
Tenable Nessus
added 2023/05/17 12:0 a.m.66 views

Amazon Linux 2 : tomcat (ALAS-2023-2047)

The version of tomcat installed on the remote host is prior to 7.0.76-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2047 advisory. A privilege escalation flaw was found in Tomcat when the JMX Remote Lifecycle Listener was enabled. A local attacker...

7.5CVSS7AI score0.87553EPSS
Exploits1References8
F5 Networks
F5 Networks
added 2023/02/21 6:59 p.m.75 views

K10107360: Apache Tomcat vulnerability CVE-2019-12418

Security Advisory Description When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a...

7CVSS7.2AI score0.01221EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/01 4:38 p.m.87 views

Security Bulletin: Cloud Pak for Security contains packages that have multiple vulnerabilities

Summary Cloud Pak for Security v1.9.0.0 and earlier may be vulnerable to multiple CVEs through the use of dependency packages. These have been updated in the latest release and vulnerabilities have neen addressed. Please follow the instructions in the Remediation/Fixes section below to update to...

10CVSS10.3AI score0.99988EPSS
Exploits109Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.36 views

SUSE: Security Advisory (SUSE-SU-2020:0226-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.72988EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.36 views

SUSE: Security Advisory (SUSE-SU-2020:1498-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.56636EPSS
Exploits18References8
Debian
Debian
added 2020/05/06 8:58 p.m.117 views

[SECURITY] [DSA 4680-1] tomcat9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4680-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 06, 2020 https://www.debian.org/security/faq -...

9.8CVSS8.4AI score0.9927EPSS
Exploits45
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/24 4:47 a.m.42 views

Security Bulletin: IBM Integration Bus affected by multiple Apache Tomcat (core only) vulnerabilities.

Summary IBM Integration Bus is affected by an Apache Tomcat vulnerability which was reported and has been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2019-12418 DESCRIPTION: Apache Tomcat could allow a local attacker to gain elevated privileges on the syste...

7.5CVSS0.9AI score0.10687EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/04/21 11:7 a.m.96 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 5.3 release

Updated Red Hat JBoss Web Server 5.3.0 packages are now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

9.8CVSS7AI score0.9927EPSS
Exploits45References10
RedHat Linux
RedHat Linux
added 2020/04/21 10:55 a.m.153 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 5.3 release

Red Hat JBoss Web Server 5.3.0 zip release for RHEL 6, RHEL 7, RHEL 8 and Microsoft Windows is available. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7AI score0.9927EPSS
Exploits45References6
Tenable Nessus
Tenable Nessus
added 2020/04/21 12:0 a.m.66 views

RHEL 6 / 7 / 8 : Red Hat JBoss Web Server 5.3 (Important) (RHSA-2020:1520)

The remote Redhat Enterprise Linux 6 / 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1520 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of...

9.8CVSS7.7AI score0.9927EPSS
Exploits45References16
OpenVAS
OpenVAS
added 2020/04/16 12:0 a.m.73 views

Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2020-1438)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.9927EPSS
Exploits45References4
RedhatCVE
RedhatCVE
added 2020/04/09 10:13 a.m.46 views

CVE-2019-12418

A privilege escalation flaw was found in Tomcat when the JMX Remote Lifecycle Listener was enabled. A local attacker without access to the Tomcat process or configuration files could be able to manipulate the RMI registry to perform a man-in-the-middle attack. The attacker could then capture user...

7.4CVSS0.7AI score0.01221EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2020/03/25 12:0 a.m.54 views

Debian: Security Advisory (DLA-2155-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7.2AI score0.01221EPSS
Exploits0References3
Debian
Debian
added 2020/03/24 1:23 p.m.62 views

[SECURITY] [DLA 2155-1] tomcat8 security update

Package : tomcat8 Version : 8.0.14-1+deb8u16 CVE ID : CVE-2019-12418 Tomcat8 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture...

7CVSS7.6AI score0.01221EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/03/20 12:0 a.m.59 views

GLSA-202003-43 : Apache Tomcat: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202003-43 Apache Tomcat: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Apache Tomcat. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly smuggle HTTP...

9.8CVSS7.2AI score0.9927EPSS
Exploits48References5
Tenable Nessus
Tenable Nessus
added 2020/03/18 12:0 a.m.57 views

RHEL 6 / 7 : Red Hat JBoss Web Server 3.1 Service Pack 8 (RHSA-2020:0861)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0861 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the...

9.8CVSS7.2AI score0.9927EPSS
Exploits48References11
RedHat Linux
RedHat Linux
added 2020/03/17 1:13 p.m.100 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 3.1 Service Pack 8 security update

An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and RHEL 7. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7AI score0.9927EPSS
Exploits48References6
Rows per page
Query Builder