Lucene search
+L

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.10 views

TencentOS Server 3: tomcat (TSSA-2024:0045)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0045 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

6.1CVSS7.3AI score0.05972EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2023-42794

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through...

5.9CVSS7.2AI score0.01854EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/24 12:0 a.m.41 views

Oracle Linux 9 : tomcat (ELSA-2024-3307)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3307 advisory. - Resolves: RHEL-31048 tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake CVE-2024-23672 - Resolves: RHEL-31032 tomcat: : Apache...

7.5CVSS7.7AI score0.23072EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.29 views

openSUSE Security Advisory (SUSE-SU-2024:0472-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.05848EPSS
Exploits2References11
Tenable Nessus
Tenable Nessus
added 2024/02/17 12:0 a.m.87 views

SUSE SLES15: tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc (SUSE-SU-2024:0472-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0472-1 advisory. Updated to Tomcat 9.0.85: - CVE-2023-45648: Improve trailer header parsing bsc1216118. - CVE-2023-42794: FileUpload:...

7.8CVSS6.8AI score0.05848EPSS
Exploits2References18
OpenVAS
OpenVAS
added 2024/02/15 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2024:0472-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.05848EPSS
Exploits2References11
Circl
Circl
added 2024/01/28 7:15 a.m.3 views

CVE-2023-42794

creationtimestamp| type| source ---|---|--- 2024-01-28 07:15:28+00:00| seen| https://t.me/arpsyndicate/3247 2024-02-07 13:11:50+00:00| seen| https://t.me/ctinow/180683...

5.9CVSS6.7AI score0.01854EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/01/25 10:59 a.m.52 views

Moderate: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

6.1CVSS6.8AI score0.05972EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2024/01/25 12:0 a.m.39 views

RHEL 9 : tomcat (RHSA-2024:0474)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0474 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Open Redirect...

6.1CVSS7.4AI score0.05972EPSS
Exploits2References11
Tenable Nessus
Tenable Nessus
added 2024/01/11 12:0 a.m.102 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.5)

The version of AOS installed on the remote host is prior to 6.5.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.5 advisory. - Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through...

7.5CVSS7.2AI score0.99999EPSS
Exploits22References5
RedHat Linux
RedHat Linux
added 2024/01/10 11:32 a.m.52 views

Moderate: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

6.1CVSS6.8AI score0.05972EPSS
Exploits2References5
AlmaLinux
AlmaLinux
added 2024/01/10 12:0 a.m.80 views

Moderate: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Open Redirect vulnerability in FORM authentication CVE-2023-41080 tomcat: FileUpload: DoS due to accumulation of temporary files on Windows CVE-2023-42794 tomcat: improper...

6.1CVSS7.3AI score0.05972EPSS
Exploits2References10
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/04 7:11 a.m.42 views

Security Bulletin: IBM DevOps Build 7.0.0 addresses multiple vulnerabilities.

Summary IBM DevOps Build 7.0.0 addresses multiple vulnerabilities. Vulnerability Details CVEID:CVE-2023-45648 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of HTTP trailer headers. By sending a specially crafted invalid trailer header, an attacker...

5.9CVSS7.3AI score0.05848EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/03 2:43 p.m.42 views

Security Bulletin: IBM Integration Bus is vulnerable to HTTP request smuggling and a denial of service due to Apache Tomcat. (CVE-2023-46589, CVE-2023-42794)

Summary IBM Integration Bus is vulnerable to HTTP request smuggling and a denial of service due to Apache Tomcat. Vulnerability Details CVEID:CVE-2023-46589 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP trailer headers. By sending a...

7.5CVSS7AI score0.02651EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2023/12/07 12:37 p.m.49 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.7 release and security update

Red Hat JBoss Web Server 5.7.7 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVS...

7.5CVSS6.7AI score0.75116EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2023/11/23 12:0 a.m.38 views

Atlassian Confluence 7.19.1 < 7.19.16 / 8.3.x < 8.5.3 / 8.6.x < 8.6.1 (CONFSERVER-93164)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-93164 advisory. - Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and...

5.9CVSS7.3AI score0.01854EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/14 11:7 a.m.60 views

Security Bulletin: IBM Integration Bus is vulnerable to multiple CVEs due to Apache Tomcat.

Summary Due to Apache Tomcat, IBM Integration Bus is vulnerable to multiple CVEs. CVE-2023-45648, CVE-2023-42794, CVE-2023-44487, CVE-2023-42795. Vulnerability Details CVEID: CVE-2023-45648 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of HTTP...

7.5CVSS7.2AI score0.99999EPSS
Exploits22Affected Software1
CVE
CVE
added 2023/10/10 5:17 p.m.322 views

CVE-2023-42794

CVE-2023-42794 is an Incomplete Cleanup vulnerability in Apache Tomcat’s internal Commons FileUpload fork. It affects Tomcat 9.0.70–9.0.80 and 8.5.85–8.5.93; a partially refactored, unreleased code path could leave an uploaded file stream open if not closed, causing the file to remain on disk and...

5.9CVSS6.5AI score0.01854EPSS
Exploits0References2Affected Software1
Kaspersky
Kaspersky
added 2023/10/10 12:0 a.m.46 views

KLA61363 Multiple vulnerabilities in Apache Tomcat

Multiple vulnerabilities were found in Apache Tomcat. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in HTTP/2 protocol can be...

7.5CVSS9.5AI score0.99999EPSS
Exploits22References5
Apache Tomcat
Apache Tomcat
added 2023/10/10 12:0 a.m.164 views

Fixed in Apache Tomcat 9.0.81

Important: Request smuggling CVE-2023-45648 Tomcat did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. This was fixe...

7.5CVSS7.7AI score0.99999EPSS
Exploits22Affected Software1
Rows per page
Query Builder