Lucene search
K

309 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago5 views

Apache Tomcat 11.0.0.M1 < 11.0.23 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 11.0.23. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat11.0.23security-11 advisory. - Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in the...

9.1CVSS6AI score0.00413EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51825

Name of the Vulnerable Software and Affected Versions Apple M1 GPUs affected versions not specified Description Apple M1 GPUs retain register file data between compute shader dispatches from different processes. This allows a sandboxed Metal attacker application to execute a GPU reader shader to...

8.6CVSS5.8AI score0.00303EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/24 12:0 a.m.30 views

CVE-2026-49269

Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU reader shader that reads stale register values left by a separate sandboxed victim app. In the proof of concept, GPUVictim.app generates a fresh random...

0.00303EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 12:0 a.m.15 views

CVE-2026-49269

Apple M1 GPUs expose a cross-process register state leakage: a sandboxed Metal attacker can read stale values from another sandboxed process’s compute shader dispatches, potentially recovering a 128-bit secret that was loaded into GPU registers. In proof-of-concept, a victim app writes a fresh se...

8.6CVSS5.8AI score0.00303EPSS
Exploits0References1
OSV
OSV
added 2026/05/18 8:57 a.m.6 views

BIT-TOMCAT-2025-52434 Apache Tomcat: APR/Native Connector crash leading to DoS

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Tomcat when using the APR/Native connector. This was particularly noticeable with client initiated closes of HTTP/2 connections. This issue affects Apache Tomcat: from 9.0.0 through...

7.5CVSS7.3AI score0.01819EPSS
Exploits0References4
OSV
OSV
added 2026/05/12 4:16 p.m.4 views

DEBIAN-CVE-2026-43512

DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from before 7.0.0. Older unsupported...

9.8CVSS5.7AI score0.01233EPSS
Exploits1References1
CVE
CVE
added 2026/05/08 1:38 p.m.22 views

CVE-2026-39816

CVE-2026-39816 impacts Apache NiFi 2.0.0-M1 through 2.8.0 where the optional TinkerpopClientService (in the graph bundle, nifi-other-graph-services-nar) lacks the @Restricted annotation for Execute Code permission. This allows a flow designer with restricted privileges to configure ByteCode Submi...

8.8CVSS5.9AI score0.0076EPSS
Exploits1References3Affected Software1
vulnersOsv
vulnersOsv
added 2026/05/08 12:0 a.m.6 views

ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +62 more potentially affected by CVE-2026-41712 via org.springframework.ai:spring-ai-openai (>=1.1.0-M1 <=1.1.5)

org.springframework.ai:spring-ai-openai MAVEN version =1.1.0-M1, =0.1.0, =0.1.0, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =0.6.0, =1.21.2, =1.1.0.0, =1.1.0.0, =1.1.2.3 and more Source cves: CVE-2026-41712 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16624639...

7.5CVSS5.4AI score0.0026EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/07 12:6 a.m.7 views

be.appify.prefab:prefab-sns-sqs (>=0.4.0 <=0.7.1), be.appify.prefab:prefab-test (>=0.4.0 <=0.7.1) +72 more potentially affected by CVE-2026-44308 via io.awspring.cloud:spring-cloud-aws-autoconfigure (>=3.0.0-M1 <=4.0.1)

io.awspring.cloud:spring-cloud-aws-autoconfigure MAVEN version =3.0.0-M1, =0.4.0, =0.4.0, =3.2.1, =1.0.0, =1.0.3, =1.0.0, =1.0.0, =1.0.0, =4.0.0-rc.39, =4.0.0-rc.39, =4.0.0-rc.39, =5.0.2, =5.1.1 and more Source cves: CVE-2026-44308 Source advisory: SNYK:JAVA-IOAWSPRINGCLOUD-16799817...

6.3CVSS5.4AI score0.00179EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/07 12:6 a.m.5 views

be.appify.prefab:prefab-sns-sqs (>=0.4.0 <=0.7.1), be.appify.prefab:prefab-test (>=0.4.0 <=0.7.1) +8 more potentially affected by CVE-2026-44308 via io.awspring.cloud:spring-cloud-aws-sns (>=4.0.0-M1 <=4.0.1)

io.awspring.cloud:spring-cloud-aws-sns MAVEN version =4.0.0-M1, =0.4.0, =0.4.0, =4.0.0, =4.0.0, =4.0.0, =2.1.0, =1.3.0, =7.0.0, =7.0.0, =7.3.1 Source cves: CVE-2026-44308 Source advisory: SNYK:JAVA-IOAWSPRINGCLOUD-16799818...

6.3CVSS5.4AI score0.00179EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/06 12:0 a.m.7 views

org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC4), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC4) +3 more potentially affected by CVE-2026-41002 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0-M1 <=5.0.2)

org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0-M1, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-41002 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-16439108...

8.1CVSS5.8AI score0.0022EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/06 12:0 a.m.9 views

org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC4), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC4) +3 more potentially affected by CVE-2026-40981 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0-M1 <=5.0.2)

org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0-M1, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-40981 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-16439020...

7.5CVSS5.8AI score0.00435EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/27 10:15 a.m.8 views

org.apache.camel.kafkaconnector:camel-sjms-batch-kafka-connector (>=0.1.0 <=0.11.0), org.apache.camel.kafkaconnector:camel-sjms-kafka-connector (>=0.1.0 <=0.11.5) +21 more potentially affected by CVE-2026-40453 via org.apache.camel:camel-sjms (>=3.0.0-M1 <=4.14.5)

org.apache.camel:camel-sjms MAVEN version =3.0.0-M1, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =4.10.3, =1.0.0, =2.2.0, =1.0.0-M1, =2.2.0, =2.2.0, =2.2.0, =2.2.0, =3.19.0, =1.0.0, =3.2...

9.9CVSS5.8AI score0.0086EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/27 10:14 a.m.5 views

org.apache.camel.kafkaconnector:camel-sjms2-kafka-connector (>=0.1.0 <=4.14.5), org.apache.camel.kafkaconnector:itests-sjms2 (>=0.3.0 <=4.14.5) +10 more potentially affected by CVE-2026-40860 via org.apache.camel:camel-sjms2 (>=3.0.0-M1 <=4.14.6)

org.apache.camel:camel-sjms2 MAVEN version =3.0.0-M1, =0.1.0, =0.3.0, =0.1.0, =4.10.3, =1.0.0, =1.0.0-M1, =2.2.0, =2.2.0, =1.0.0, =1.0.0, =3.0.0, =3.0.0-M1, =3.0.0-RC3 Source cves: CVE-2026-40860 Source advisory: SNYK:JAVA-ORGAPACHECAMEL-16321538...

9.8CVSS5.8AI score0.00881EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/27 12:0 a.m.8 views

org.springframework.ai:spring-ai-starter-vector-store-mongodb-atlas (>=1.1.0 <=1.1.4) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-mongodb-atlas-store (>=1.1.0-M1 <=1.1.4)

org.springframework.ai:spring-ai-mongodb-atlas-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.4 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321392...

8.6CVSS5.8AI score0.00394EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/27 12:0 a.m.9 views

org.springframework.ai:spring-ai-starter-vector-store-typesense (>=1.1.0 <=1.1.4) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-typesense-store (>=1.1.0-M1 <=1.1.4)

org.springframework.ai:spring-ai-typesense-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.4 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321396...

8.6CVSS5.8AI score0.00394EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/27 12:0 a.m.9 views

com.thecookiezen:archiledger-core (>=0.0.4 <=0.0.5), org.springframework.ai:spring-ai-starter-model-transformers (>=1.1.0 <=1.1.4) potentially affected by CVE-2026-40979 via org.springframework.ai:spring-ai-autoconfigure-model-transformers (>=1.1.0-M1 <=1.1.4)

org.springframework.ai:spring-ai-autoconfigure-model-transformers MAVEN version =1.1.0-M1, =0.0.4, =1.1.0, =1.1.4 Source cves: CVE-2026-40979 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16316420...

6.1CVSS5.8AI score0.00105EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/23 12:0 a.m.6 views

com.alibaba.cloud.ai:spring-ai-alibaba-autoconfigure-rag-elasticsearch (=2.0.0-M1.1), com.alibaba.cloud.ai:spring-ai-alibaba-rag (=2.0.0-M1.1) +43 more potentially affected by CVE-2026-40970 via org.springframework.boot:spring-boot-elasticsearch (>=4.0.0-M1 <=4.0.5)

org.springframework.boot:spring-boot-elasticsearch MAVEN version =4.0.0-M1, =2.0.0-alpha3, =1.2.1, =0.1.0, =2025.12, =2026.04 - io.github.vsvyatski:content-fs-spring-boot-starter =4.0.0 - io.github.vsvyatski:content-jpa-spring-boot-starter =4.0.0 -...

6.8CVSS5.7AI score0.00136EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/09 7:36 p.m.2 views

CVE-2026-34487

Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53, from 9.0.13 through 9.0.116. User...

5.8AI score0.00447EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.6 views

PT-2026-31711

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.20, 10.1.0-M1 through 10.1.53, and 9.0.40 through 9.0.116 Description A flaw exists within the JsonAccessLogValve component of Apache Tomcat related to improper encoding or escaping of output...

9.8CVSS5.8AI score0.15831EPSS
Exploits5References127
Rows per page
Query Builder