Lucene search
K

46 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 9 : tomcat-9.0.62-37.el9 (AXSA:2023-6944:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6944:05 advisory. Apache Commons FileUpload: FileUpload DoS with excessive parts CVE-2023-24998 tomcat: not including the secure attribute causes information disclosu...

7.5CVSS7AI score0.51547EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/15 8:2 a.m.51 views

Security Bulletin: Vulnerability in openssh and libssh libraries (CVE-2023-28709) affects Power HMC

Summary The openssh and libssh libraries are used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: OpenSSH is vulnerable to a machine-in-the-middle attack, caused by a flaw in the extension negotiation process ...

7.5CVSS6.6AI score0.93305EPSS
Exploits5Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2023-28709

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP...

7.5CVSS7AI score0.51547EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/02/08 12:0 a.m.45 views

CentOS 8 : tomcat (CESA-2023:7065)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:7065 advisory. - tomcat: Fix for was incomplete CVE-2023-24998 - When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the...

7.5CVSS7.5AI score0.51547EPSS
Exploits1References4
OSV
OSV
added 2023/11/14 12:0 a.m.54 views

ALSA-2023:7065 Moderate: tomcat security and bug fix update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Commons FileUpload: FileUpload DoS with excessive parts CVE-2023-24998 tomcat: not including the secure attribute causes information disclosure CVE-2023-28708 tomcat: Fix for...

7.5CVSS7AI score0.51547EPSS
Exploits1References8
AlmaLinux
AlmaLinux
added 2023/11/14 12:0 a.m.46 views

Moderate: tomcat security and bug fix update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Commons FileUpload: FileUpload DoS with excessive parts CVE-2023-24998 tomcat: not including the secure attribute causes information disclosure CVE-2023-28708 tomcat: Fix for...

7.5CVSS7AI score0.51547EPSS
Exploits1References8
Oracle linux
Oracle linux
added 2023/11/11 12:0 a.m.47 views

tomcat security and bug fix update

1:9.0.62-37 - Resolves: RHEL-12551 - Remove JDK subpackges which are unused 1:9.0.62-16 - Related: 2184133 Declare file conflicts 1:9.0.62-15 - Resolves: 2184133 Fix bug in Obsoletes 1:9.0.62-14 - Resolves: 2210632 CVE-2023-28709 tomcat 1:9.0.62-13 - Resolves: 2189675 Missing Tomcat POM files in...

7.5CVSS7.8AI score0.51547EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2023/11/07 8:49 a.m.59 views

Moderate: Red Hat Security Advisory: tomcat security and bug fix update

An update for tomcat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS7AI score0.51547EPSS
Exploits1References8
OSV
OSV
added 2023/11/07 12:0 a.m.36 views

ALSA-2023:6570 Moderate: tomcat security and bug fix update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Commons FileUpload: FileUpload DoS with excessive parts CVE-2023-24998 tomcat: not including the secure attribute causes information disclosure CVE-2023-28708 tomcat: Fix for...

7.5CVSS7AI score0.51547EPSS
Exploits1References8
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.44 views

Moderate: tomcat security and bug fix update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Commons FileUpload: FileUpload DoS with excessive parts CVE-2023-24998 tomcat: not including the secure attribute causes information disclosure CVE-2023-28708 tomcat: Fix for...

7.5CVSS7.1AI score0.51547EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2023/10/11 12:0 a.m.40 views

Debian: Security Advisory (DSA-5521-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.6AI score0.99999EPSS
Exploits22References6
Debian
Debian
added 2023/10/10 10:9 p.m.72 views

[SECURITY] [DSA 5521-1] tomcat10 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5521-1 [email protected] https://www.debian.org/security/ Markus Koschany October 10, 2023 https://www.debian.org/security/faq -...

7.5CVSS8.2AI score0.99999EPSS
Exploits22
hivepro
hivepro
added 2023/09/27 10:22 a.m.65 views

Critical Security Vulnerabilities Discovered in Atlassian Products

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Atlassian have revealed the existence of several security vulnerabilities, namely CVE-2022-25647, CVE-2023-22512, CVE-2023-22513, and CVE-2023-28709, which affect their products. These...

6.5CVSS7.8AI score0.51547EPSS
Exploits1
Amazon
Amazon
added 2023/09/25 12:0 a.m.5 views

Important: tomcat

Issue Overview: The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a reques...

7.5CVSS6.9AI score0.51547EPSS
Exploits1
Amazon
Amazon
added 2023/09/25 12:0 a.m.7 views

Important: tomcat

Issue Overview: The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a reques...

7.5CVSS6.9AI score0.51547EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2023/09/04 12:24 p.m.83 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.4 release and security update

Red Hat JBoss Web Server 5.7.4 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System CV...

9.8CVSS7AI score0.51547EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2023/09/04 12:19 p.m.68 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.4 release and security update

An update is now available for Red Hat JBoss Web Server 5.7.4 on Red Hat Enterprise Linux versions 7, 8, and 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7AI score0.51547EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2023/09/04 12:0 a.m.68 views

RHEL 7 / 8 / 9 : Red Hat JBoss Web Server 5.7.4 (RHSA-2023:4909)

The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4909 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of...

9.8CVSS7.6AI score0.51547EPSS
Exploits1References11
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/16 5:24 p.m.49 views

Security Bulletin: Vulnerability in Apache Tomcat Server (CVE-2023-28709 ) affects Power HMC

Summary Apache Tomcat Server is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-28709 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by an incomplete fix for CVE-2023-24998 related to the failure to...

7.5CVSS7.8AI score0.51547EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/07/20 12:0 a.m.64 views

Oracle Solaris Critical Patch Update : jul2023_SRU11_4_59_144_2

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the MySQL Enterprise Monitor product of Oracle MySQL component: Monitoring: General Apache Tomcat. Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability...

9.8CVSS7AI score0.52164EPSS
Exploits15References49
Rows per page
Query Builder