CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - tomcat: deserialization flaw in session persistence storage leading to RCE CVE-2020-9484 Note that Nessus has not...

7CVSS7.5AI score0.93464EPSS

Exploits15References1

Tenable Nessus•added 2022/07/01 12:0 a.m.•84 views

RHEL 6 : Red Hat JBoss Enterprise Application Platform 6.4.24 (RHSA-2022:5459)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5459 advisory. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS8.7AI score0.92155EPSS

Exploits11References19

RedHat Linux•added 2022/06/30 7:14 p.m.•75 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.24 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7.5AI score0.92155EPSS

Exploits11References11

RedHat Linux•added 2022/06/30 7:0 p.m.•3 views

jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS

A flaw was found in jbossweb. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability...

7.5CVSS7.1AI score0.92155EPSS

Exploits1References4

RedHat Linux•added 2022/06/30 6:34 p.m.•74 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.24 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 6.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.5AI score0.92155EPSS

Exploits11References11

RedHat Linux•added 2022/06/30 6:34 p.m.•3 views

jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS

7.5CVSS7.1AI score0.92155EPSS

Exploits1References4

Github Security Blog•added 2022/05/14 2:16 a.m.•26 views

Apache Tomcat affected by infinite loop in Double.parseDouble method in Java Runtime Environment

The Double.parseDouble method in Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a...

5CVSS6.5AI score0.39874EPSS

Exploits1References60Affected Software1

OSV•added 2022/05/14 2:16 a.m.•26 views

GHSA-GVGC-RXMH-5HVW Apache Tomcat affected by infinite loop in Double.parseDouble method in Java Runtime Environment

5CVSS8.5AI score0.39874EPSS

Exploits1References60

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by