Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNNVD
CNNVDadded 2022/11/03 12:0 a.m.1 views

Red Hat Ceph 安全漏洞

Red Hat Ceph is a Linux petabyte-level distributed file system from Red Hat. The main goal of the system is to be designed as a distributed file system without a single point of failure based on POSIX Portable Operating System Interface, enabling fault-tolerant and seamless replication of data. A...

6.5CVSS6.4AI score0.00307EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2018/05/14 8:15 p.m.3 views

tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources

The URL pattern of "" the empty string which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It...

5.9CVSS7.1AI score0.0304EPSS
Exploits0References7
RedHat Linux
RedHat Linuxadded 2018/03/07 3:9 p.m.3 views

tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources

The URL pattern of "" the empty string which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It...

5.9CVSS7.1AI score0.0304EPSS
Exploits0References7
CNVD
CNVDadded 2018/02/24 12:0 a.m.1 views

Apache Tomcat Security Bypass Vulnerability (CNVD-2018-03661)

Tomcat is developed by the Apache Software Foundation under the Jakarta project a Servlet container , in accordance with the technical specifications provided by Sun Microsystems , the realization of the Servlet and JavaServer Page JSP support , and provides as a Web server some of the unique...

5.9CVSS6.8AI score0.0304EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2018/02/11 12:0 a.m.7 views

PT-2018-2767 · Apache +5 · Apache Tomcat +5

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 9.0.0.M1 through 9.0.4 Apache Tomcat versions 8.5.0 through 8.5.27 Apache Tomcat versions 8.0.0.RC1 through 8.0.49 Apache Tomcat versions 7.0.0 through 7.0.84 Description: The issue arises from the incorrect handling of...

9.8CVSS7.5AI score0.9438EPSS
Exploits31References169
Atlassian
Atlassianadded 2010/04/16 5:4 a.m.20 views

issuelinkssmall.jsp has an XSS hole via the URL used to access it

The issuelinkssmall.jsp has an XSS hole, where if the URL contains an XSS string, the ww:url tag will include that tag in the page because the value attribute was left empty...

1.3AI score
Exploits0
Atlassian
Atlassianadded 2010/04/16 5:4 a.m.17 views

issuelinkssmall.jsp has an XSS hole via the URL used to access it

The issuelinkssmall.jsp has an XSS hole, where if the URL contains an XSS string, the ww:url tag will include that tag in the page because the value attribute was left empty...

1.3AI score
Exploits0Affected Software1
Rows per page
Query Builder