CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2008-4281

Malware in sbrugna...

5CVSS6AI score0.02649EPSS

Exploits0References22

F5 Networks•added 2023/02/21 7:54 p.m.•45 views

K00174195: Apache Tomcat vulnerability CVE-2021-25122

Security Advisory Description When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both se...

7.5CVSS7.5AI score0.02775EPSS

Exploits1Affected Software1

SUSE CVE•added 2023/02/15 6:9 a.m.•1 views

SUSE CVE-2007-6286

Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to...

4.3CVSS7AI score0.10024EPSS

Exploits1References5

Tenable Nessus•added 2021/03/25 12:0 a.m.•33 views

Amazon Linux AMI : tomcat8 (ALAS-2021-1491)

The version of tomcat8 installed on the remote host is prior to 8.5.63-1.87. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1491 advisory. A deserialization flaw was discovered in Apache Tomcat's use of a FileStore. Under specific circumstances, an attacker...

7.5CVSS7.4AI score0.93464EPSS

Exploits15References5

NVD•added 2008/09/27 10:30 a.m.•16 views

CVE-2008-4298

Memory leak in the httprequestparse function in request.c in lighttpd before 1.4.20 allows remote attackers to cause a denial of service memory consumption via a large number of requests with duplicate request headers...

5CVSS6.3AI score0.02649EPSS

Exploits0References19