CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

35 matches found

Tenable Nessus•added 2025/08/09 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2024-52317

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HTTP/2 requests could lead to...

6.5CVSS6.9AI score0.215EPSS

Exploits1References2

IBM Security Bulletins•added 2025/06/25 11:32 a.m.•10 views

Security Bulletin: IBM DevOps Build addresses multiple vulnerabilities.

Summary IBM DevOps Build 7.1.0.0 addresses multiple vulnerabilities. Vulnerability Details CVEID:CVE-2024-46544 DESCRIPTION: Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to...

9.8CVSS7.8AI score0.215EPSS

Exploits3Affected Software1

IBM Security Bulletins•added 2025/06/23 1:12 p.m.•12 views

Security Bulletin: IBM DevOps Release addresses multiple vulnerabilities related to Apache Tomcat.

Summary IBM DevOps Release 7.0.0.4 addresses multiple vulnerabilities related to Apache Tomcat. Vulnerability Details CVEID:CVE-2024-46544 DESCRIPTION: Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk...

9.8CVSS7.8AI score0.215EPSS

Exploits3Affected Software1

Ubuntu•added 2025/06/09 2:59 p.m.•8 views

USN-7562-1: Tomcat vulnerabilities

It was discovered that Tomcat did not include the secure attribute for session cookies when using the RemoteIpFilter with requests from a reverse proxy. An attacker could possibly use this issue to leak sensitive information. This issue was fixed for tomcat8 on Ubuntu 18.04 LTS and for tomcat9 on...

8.6CVSS7.5AI score0.70951EPSS

Exploits6

IBM Security Bulletins•added 2025/03/13 4:44 p.m.•13 views

Security Bulletin: Vulnerabilities in Apache Tomcat affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.

Summary Potential vulnerabilities in Apache Tomcat has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability have been addressed. Refer to details for additional information...

9.8CVSS7.9AI score0.215EPSS

Exploits2Affected Software2

SUSE CVE•added 2025/02/14 4:9 a.m.•6 views

SUSE CVE-2024-52317

Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HTTP/2 requests could lead to request and/or response mix-up between users. This issue affects Apache Tomcat: from 11.0.0-M23 through 11.0.0-M26, from 10.1.27 through...

6.5CVSS7.8AI score0.215EPSS

Exploits1References6

IBM Security Bulletins•added 2025/02/07 7:28 p.m.•18 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to object recycling and reuse vulnerability in Apache Tomcat (CVE-2024-52318)

Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD is susceptible to incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Vulnerability Details CVEID:CVE-2024-52318 DESCRIPTION: Incorrect object recycling and reuse...

6.1CVSS6.2AI score0.15467EPSS

Exploits1Affected Software1

Veracode•added 2024/11/21 11:55 a.m.•9 views

Incorrect Object Recycling And Re-use

Apache Tomcat is vulnerable to Incorrect object recycling and re-use. The vulnerability is due to flawed object recycling logic in Apache Tomcat's HTTP/2 implementation. Specifically, the request and response objects are not properly cleared or segregated before being reused, allowing data from o...

6.5CVSS6.4AI score0.215EPSS

Exploits1References7Affected Software2

OSV•added 2024/11/20 7:19 a.m.•23 views

BIT-TOMCAT-2024-52318 Apache Tomcat: Incorrect JSP tag recycling leads to XSS

Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue...

6.1CVSS5.9AI score0.15467EPSS

Exploits1References4

SUSE CVE•added 2024/11/19 3:48 a.m.•6 views

SUSE CVE-2024-52318

6.1CVSS9.5AI score0.15467EPSS

Exploits1References3

OSV•added 2024/11/18 1:15 p.m.•5 views

DEBIAN-CVE-2024-52318

6.1CVSS7AI score0.15467EPSS

Exploits1References1

OSV•added 2024/11/18 1:15 p.m.•28 views

CVE-2024-52318

6.1CVSS6.2AI score

Exploits0References3

NVD•added 2024/11/18 1:15 p.m.•24 views

CVE-2024-52318

6.1CVSS0.15467EPSS

Exploits1References3

Debian CVE•added 2024/11/18 12:21 p.m.•20 views

CVE-2024-52318

6.1CVSS7AI score0.15467EPSS

Exploits1

Vulnrichment•added 2024/11/18 12:21 p.m.•17 views

CVE-2024-52318 Apache Tomcat: Incorrect JSP tag recycling leads to XSS

7.2AI score0.15467EPSS

Exploits1References1

OSV•added 2024/11/18 12:15 p.m.•5 views

DEBIAN-CVE-2024-52317

6.5CVSS7AI score0.215EPSS

Exploits1References1

OSV•added 2024/11/18 12:15 p.m.•21 views

CVE-2024-52317

6.5CVSS6.4AI score

Exploits0References3

OSV•added 2024/11/18 12:15 p.m.•0 views

UBUNTU-CVE-2024-52317

6.5CVSS6.9AI score0.215EPSS

Exploits1References6

Debian CVE•added 2024/11/18 11:36 a.m.•13 views

CVE-2024-52317

6.5CVSS7AI score0.215EPSS

Exploits1

Tenable Nessus•added 2024/11/18 12:0 a.m.•23 views

Apache Tomcat 9.0.92 < 9.0.96 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 9.0.96. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat9.0.96security-9 advisory. - Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the...

9.8CVSS8AI score0.215EPSS

Exploits2References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by