Lucene search
K

50 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2021-25329

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a...

7.5CVSS6.8AI score0.56636EPSS
Exploits15References3
OpenVAS
OpenVAS
added 2024/07/24 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-6908-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7.4AI score0.56636EPSS
Exploits18References2
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.40 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Tomcat vulnerabilities (USN-6908-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6908-1 advisory. It was discovered that the Tomcat SSI printenv command echoed user provided data without escaping it. An attacker could possibly...

7CVSS7.6AI score0.56636EPSS
Exploits18References4
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.49 views

RHEL 6 : tomcat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tomcat: request mixup CVE-2022-25762 - When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 ...

8.5AI score0.73139EPSS
Exploits28References15
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.33 views

Amazon Linux 2 : tomcat, --advisory ALAS2TOMCAT8.5-2023-009 (ALASTOMCAT8.5-2023-009)

The version of tomcat installed on the remote host is prior to 8.5.63-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2TOMCAT8.5-2023-009 advisory. A flaw was found in Apache Tomcat. When responding to new h2c connection requests, Apache Tomcat could duplicate...

7.5CVSS6.8AI score0.56636EPSS
Exploits15References6
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/01 4:38 p.m.87 views

Security Bulletin: Cloud Pak for Security contains packages that have multiple vulnerabilities

Summary Cloud Pak for Security v1.9.0.0 and earlier may be vulnerable to multiple CVEs through the use of dependency packages. These have been updated in the latest release and vulnerabilities have neen addressed. Please follow the instructions in the Remediation/Fixes section below to update to...

10CVSS10.3AI score0.99988EPSS
Exploits111Affected Software1
OpenVAS
OpenVAS
added 2022/04/01 12:0 a.m.29 views

Ubuntu: Security Advisory (USN-5360-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.75353EPSS
Exploits16References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/09 4:30 p.m.35 views

Security Bulletin: IBM UrbanCode Build is affected by CVE-2021-25122 and CVE-2021-25329

Summary IBM UrbanCode Build is affected by CVE-2021-25122 and CVE-2021-25329 Vulnerability Details CVEID: CVE-2021-25122 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by a flaw when responding to new h2c connection requests. By sending a...

7.5CVSS7.8AI score0.18114EPSS
Exploits15Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/25 7:54 a.m.39 views

Security Bulletin: IBM UrbanCode Release is affected by CVE-2021-25122 and CVE-2021-25329

Summary IBM UrbanCode Release version 6.2.2.7 - 6.2.5.2 are affected by CVE-2021-25122 and CVE-2021-25329 Vulnerability Details CVEID: CVE-2021-25122 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by a flaw when responding to new h2c connection...

7.5CVSS7.8AI score0.18114EPSS
Exploits15Affected Software1
RedHat Linux
RedHat Linux
added 2021/09/09 6:18 a.m.54 views

Important: Red Hat Security Advisory: Red Hat support for Spring Boot 2.3.10 security update

An update is now available for Red Hat support for Spring Boot. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more...

7.8CVSS6.8AI score0.56636EPSS
Exploits16References8
Redos
Redos
added 2021/09/08 12:0 a.m.18 views

ROS-2-1181

2.1181 Multiple vulnerabilities in Apache Tomcat CVE-2021-25122, CVE-2021-25329 1. Vulnerability Description: CVE-2021-25122 CVE-2021-25322 CVE-2021-25329 The vulnerability allows a remote attacker to gain access to sensitive information. The vulnerability exists due to mismanagement of internal...

7.8CVSS7.7AI score0.18114EPSS
Exploits16
Redos
Redos
added 2021/09/08 12:0 a.m.28 views

ROS-2-811

2.811 Multiple vulnerabilities in Apache Tomcat CVE-2021-25122, CVE-2021-25329 1. Vulnerability Description: CVE-2021-25122 CVE-2021-25322 CVE-2021-25329 The vulnerability allows a remote attacker to gain access to sensitive information. The vulnerability exists due to mismanagement of internal...

7.8CVSS7.7AI score0.18114EPSS
Exploits16
Redos
Redos
added 2021/09/08 12:0 a.m.31 views

ROS-2-454

2.454 Multiple vulnerabilities in Apache Tomcat CVE-2021-25122, CVE-2021-25329 1. Vulnerability Description: CVE-2021-25122 CVE-2021-25322 CVE-2021-25329 The vulnerability allows a remote attacker to gain access to sensitive information. The vulnerability exists due to mismanagement of internal...

7.8CVSS7.4AI score0.18114EPSS
Exploits16
OSV
OSV
added 2021/07/20 10:46 a.m.17 views

MGASA-2021-0357 Updated tomcat packages fix security vulnerabilities

When responding to new h2c connection requests, Apache Tomcat versions 9.0.0.M1 to 9.0.41 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request CVE-2021-25122. The fix for...

7.5CVSS7.2AI score0.18114EPSS
Exploits15References7
RedHat Linux
RedHat Linux
added 2021/06/29 8:54 a.m.115 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 5.5.0 Security release

Updated Red Hat JBoss Web Server 5.5.0 packages are now available for Red Hat Enterprise Linux 7, and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

7.5CVSS6.8AI score0.56636EPSS
Exploits15References4
RedHat Linux
RedHat Linux
added 2021/06/29 8:39 a.m.166 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 5.5.0 security release

Red Hat JBoss Web Server 5.5.0 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8 and Windows. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...

7.5CVSS6.8AI score0.56636EPSS
Exploits15References4
Tenable Nessus
Tenable Nessus
added 2021/06/29 12:0 a.m.36 views

RHEL 7 / 8 : Red Hat JBoss Web Server 5.5.0 Security (Moderate) (RHSA-2021:2561)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2561 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the...

7.5CVSS7.4AI score0.56636EPSS
Exploits15References9
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.49 views

SUSE: Security Advisory (SUSE-SU-2021:14705-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.2AI score0.99988EPSS
Exploits38References8
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2021:1431-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7AI score0.56636EPSS
Exploits15References4
OpenVAS
OpenVAS
added 2021/05/19 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2021-1915)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7.2AI score0.22852EPSS
Exploits15References2
Rows per page
Query Builder