CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

262 matches found

Tenable Nessus•added 2017/07/12 12:0 a.m.•34 views

Debian DLA-1021-1 : jetty8 security update

It was discovered that Jetty8, a Java servlet engine and webserver, was vulnerable to a timing attack which might reveal cryptographic credentials such as passwords to a local user. For Debian 7 'Wheezy', these problems have been fixed in version 8.1.3-4+deb7u1. We recommend that you upgrade your...

7.5CVSS6.7AI score0.0084EPSS

Exploits0References3

Fedora•added 2017/06/30 12:50 a.m.•64 views

[SECURITY] Fedora 25 Update: tomcat-8.0.44-1.fc25

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...

7.5CVSS2.8AI score0.10802EPSS

Exploits1

Fedora•added 2017/06/29 11:50 p.m.•45 views

[SECURITY] Fedora 24 Update: tomcat-8.0.44-1.fc24

7.5CVSS2.8AI score0.10802EPSS

Exploits1

Tenable Nessus•added 2017/06/21 12:0 a.m.•48 views

Debian DLA-996-1 : tomcat7 security update

The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the origin...

7.5CVSS7.8AI score0.10802EPSS

Exploits1References3

OSV•added 2017/06/06 2:29 p.m.•38 views

CVE-2017-5664

7.5CVSS7.5AI score

Exploits0References38

Prion•added 2017/06/06 2:29 p.m.•27 views

Design/Logic Flaw

5CVSS7.3AI score0.10802EPSS

Exploits1References38Affected Software1

NVD•added 2017/06/06 2:29 p.m.•29 views

CVE-2017-5664

7.5CVSS7.5AI score0.10802EPSS

Exploits1References38

Debian CVE•added 2017/06/06 2:0 p.m.•44 views

CVE-2017-5664

7.5CVSS7.9AI score0.10802EPSS

Exploits1

EUVD•added 2017/06/06 2:0 p.m.•1 views

EUVD-2022-4402

7.5CVSS7.7AI score0.10802EPSS

Exploits1References72

CVE•added 2017/06/06 2:0 p.m.•342 views

CVE-2017-5664

CVE-2017-5664 affects Apache Tomcat and concerns the error page mechanism. The DefaultServlet failed to forward error pages with the original request method across multiple releases (Tomcat 9.0.0.M1–9.0.0.M20, 8.5.0–8.5.14, 8.0.0.RC1–8.0.43, 7.0.0–7.0.77), which could lead to unexpected results f...

7.5CVSS7.5AI score0.10802EPSS

Exploits1References38Affected Software1

OSV•added 2017/06/06 12:0 a.m.•0 views

UBUNTU-CVE-2017-5664

7.5CVSS7.1AI score0.10802EPSS

Exploits1References5

UbuntuCve•added 2017/06/06 12:0 a.m.•178 views

CVE-2017-5664

7.5CVSS7.1AI score0.10802EPSS

Exploits1References4

Apache Tomcat•added 2017/05/16 12:0 a.m.•72 views

Fixed in Apache Tomcat 7.0.78

Important: Security Constraint Bypass CVE-2017-5664 The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the...

7.5CVSS7.6AI score0.10802EPSS

Exploits1Affected Software1

Apache Tomcat•added 2017/05/10 12:0 a.m.•62 views

Fixed in Apache Tomcat 8.5.15

7.5CVSS7.6AI score0.10802EPSS

Exploits1Affected Software1

Fedora•added 2017/04/27 8:56 p.m.•41 views

[SECURITY] Fedora 26 Update: tomcat-8.0.43-1.fc26

9.8CVSS2.8AI score0.21758EPSS

Exploits0

Fedora•added 2017/04/27 8:51 p.m.•53 views

[SECURITY] Fedora 24 Update: tomcat-8.0.43-1.fc24

9.8CVSS2.8AI score0.21758EPSS

Exploits0

RedHat Linux•added 2017/03/22 4:46 p.m.•1 views

tomcat: Infinite loop in the processing of https requests

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop...

7.5CVSS5.8AI score0.13832EPSS

Exploits5References6

Tenable Nessus•added 2017/03/20 12:0 a.m.•65 views

CentOS 6 : tomcat6 (CESA-2017:0527)

An update for tomcat6 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS7.3AI score0.1091EPSS

Exploits5References3

OpenVAS•added 2017/03/18 12:0 a.m.•58 views

CentOS Update for tomcat6 CESA-2017:0527 centos6

Check the version of tomcat6 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882682";...

7.5CVSS7.2AI score0.1091EPSS

Exploits5References2

Saint•added 2017/03/16 12:0 a.m.•88 views

Apache Struts 2 Jakarta Multipart Parser file upload command execution

Added: 03/16/2017 CVE: CVE-2017-5638 BID: 96729 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. Problem The Jakarta...

10CVSS10AI score0.94267EPSS

Exploits44

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by