Lucene search
+L

1112 matches found

OSV
OSV
added 5 days ago4 views

JLSEC-2026-745 Bleichenbacher padding oracle in PKCS#7 KTRI decryption. When decrypting PKCS#7 EnvelopedData...

Bleichenbacher padding oracle in PKCS7 KTRI decryption. When decrypting PKCS7 EnvelopedData using RSA PKCS1 v1.5 key transport, wolfSSL returned distinguishable error codes depending on whether RSA padding validation failed versus whether the decrypted content was malformed. An attacker able to...

6.5CVSS6.1AI score0.00152EPSS
Exploits0References5
OSV
OSV
added 5 days ago4 views

JLSEC-2026-732 A padding oracle exists in wolfSSL's PKCS7 CBC decryption that could allow an attacker to recover...

A padding oracle exists in wolfSSL's PKCS7 CBC decryption that could allow an attacker to recover plaintext through repeated decryption queries with modified ciphertext. In previous versions of wolfSSL the interior padding bytes are not validated...

6.3CVSS6.1AI score0.00111EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 6 days ago6 views

Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor

A flaw was found in Apache Tomcat. This Padding Oracle vulnerability, present in the EncryptInterceptor with its default configuration, could allow a remote attacker to decrypt sensitive information. By exploiting weaknesses in the encryption padding, an attacker may be able to gain unauthorized...

7.5CVSS7AI score0.0504EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 6 days ago6 views

Important: Red Hat Security Advisory: tomcat security, bug fix, and enhancement update

An update for tomcat is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS7AI score0.21691EPSS
Exploits6References4
OSV
OSV
added 2026/07/10 12:5 p.m.4 views

RLSA-2026:36790 Important: tomcat9 security, bug fix, and enhancement update

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...

7.5CVSS6.9AI score0.21691EPSS
Exploits6References3
Rockylinux
Rockylinux
added 2026/07/10 12:5 p.m.9 views

tomcat9 security, bug fix, and enhancement update

An update is available for tomcat9. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Tomcat is the servlet container that is used in the official Reference...

9.1CVSS6.2AI score0.21691EPSS
Exploits8
Rockylinux
Rockylinux
added 2026/07/10 12:3 p.m.8 views

tomcat security, bug fix, and enhancement update

An update is available for tomcat. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages...

7.5CVSS6.2AI score0.21691EPSS
Exploits6
OSV
OSV
added 2026/07/10 12:3 p.m.3 views

RLSA-2026:36879 Important: tomcat security, bug fix, and enhancement update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor CVE-2026-29146 Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive...

7.5CVSS7AI score0.21691EPSS
Exploits6References3
Rockylinux
Rockylinux
added 2026/07/10 6:0 a.m.8 views

tomcat security, bug fix, and enhancement update

An update is available for tomcat. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages...

7.5CVSS7AI score0.21691EPSS
Exploits6
OSV
OSV
added 2026/07/10 6:0 a.m.2 views

RLSA-2026:37137 Important: tomcat security, bug fix, and enhancement update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor CVE-2026-29146 Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive...

7.5CVSS7AI score0.21691EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2026/07/10 12:0 a.m.8 views

RockyLinux 10 : tomcat9 (RLSA-2026:36790)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:36790 advisory. Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor CVE-2026-29146 Apache Tomcat: Apache Tomcat...

9.1CVSS6.8AI score0.21691EPSS
Exploits8References27
RedHat Linux
RedHat Linux
added 2026/07/09 8:24 a.m.11 views

Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor

A flaw was found in Apache Tomcat. This Padding Oracle vulnerability, present in the EncryptInterceptor with its default configuration, could allow a remote attacker to decrypt sensitive information. By exploiting weaknesses in the encryption padding, an attacker may be able to gain unauthorized...

7.5CVSS7.2AI score0.0504EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/07/09 8:3 a.m.9 views

Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor

A flaw was found in Apache Tomcat. This Padding Oracle vulnerability, present in the EncryptInterceptor with its default configuration, could allow a remote attacker to decrypt sensitive information. By exploiting weaknesses in the encryption padding, an attacker may be able to gain unauthorized...

7.5CVSS7.2AI score0.0504EPSS
Exploits1References5
OSV
OSV
added 2026/07/09 12:0 a.m.7 views

ALSA-2026:37137 Important: tomcat security, bug fix, and enhancement update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor CVE-2026-29146 Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive...

7.5CVSS7AI score0.21691EPSS
Exploits6References6
RedHat Linux
RedHat Linux
added 2026/07/08 10:12 p.m.5 views

Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor

A flaw was found in Apache Tomcat. This Padding Oracle vulnerability, present in the EncryptInterceptor with its default configuration, could allow a remote attacker to decrypt sensitive information. By exploiting weaknesses in the encryption padding, an attacker may be able to gain unauthorized...

7.5CVSS7.2AI score0.0504EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/07/08 10:12 p.m.7 views

Important: Red Hat Security Advisory: tomcat security, bug fix, and enhancement update

An update for tomcat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS7.2AI score0.21691EPSS
Exploits6References4
RedHat Linux
RedHat Linux
added 2026/07/08 10:3 p.m.8 views

Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor

A flaw was found in Apache Tomcat. This Padding Oracle vulnerability, present in the EncryptInterceptor with its default configuration, could allow a remote attacker to decrypt sensitive information. By exploiting weaknesses in the encryption padding, an attacker may be able to gain unauthorized...

7.5CVSS7.2AI score0.0504EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/07/08 9:53 p.m.15 views

Important: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.2AI score0.21691EPSS
Exploits6References3
RedHat Linux
RedHat Linux
added 2026/07/08 9:53 p.m.6 views

Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor

A flaw was found in Apache Tomcat. This Padding Oracle vulnerability, present in the EncryptInterceptor with its default configuration, could allow a remote attacker to decrypt sensitive information. By exploiting weaknesses in the encryption padding, an attacker may be able to gain unauthorized...

7.5CVSS7.2AI score0.0504EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/07/08 9:46 p.m.9 views

Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor

A flaw was found in Apache Tomcat. This Padding Oracle vulnerability, present in the EncryptInterceptor with its default configuration, could allow a remote attacker to decrypt sensitive information. By exploiting weaknesses in the encryption padding, an attacker may be able to gain unauthorized...

7.5CVSS7.2AI score0.0504EPSS
Exploits1References5
Rows per page
Query Builder