26 matches found

OSV
added 2024/03/06 11:10 a.m., 44 views

BIT-TOMCAT-2020-9484

When using Apache Tomcat versions 9.0.0 through 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured...

CVSS 7, AI score 7.4, EPSS 0.93464
Exploits 15, References 43
Tenable Nessus
added 2022/01/26 12:0 a.m., 1292 views

Apache Tomcat 9.0.35 < 9.0.58 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 9.0.58. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.58security-9 advisory. - When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to...

CVSS 7, AI score 7.2, EPSS 0.93464
Exploits 15, References 3
Tenable Nessus
added 2022/01/26 12:0 a.m., 43 views

Apache Tomcat 10.0.0.M5 < 10.0.16 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 10.0.16. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat10.0.16security-10 advisory. - When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to...

CVSS 7, AI score 7.2, EPSS 0.93464
Exploits 15, References 3
Tenable Nessus
added 2021/10/27 12:0 a.m., 40 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : tomcat Vulnerability (NS-SA-2021-0135)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has tomcat packages installed that are affected by a vulnerability: - When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the...

CVSS 7, AI score 7.2, EPSS 0.93464
Exploits 15, References 3
Atlassian
added 2021/03/11 7:39 p.m., 124 views

Tomcat PersistenceManager vulnerabilities - CVE-2021-25329 and CVE-2021-25122

Affected versions of Atlassian Jira Server and Data Center are susceptible to Tomcat PersistenceManager vulnerabilities. Affected versions: ≤ 8.16.0 Fixed versions: pending...

CVSS 7.5, AI score 5.1, EPSS 0.02775
Exploits 15, Affected Software 1
Atlassian
added 2021/03/11 7:39 p.m., 63 views

Tomcat PersistenceManager vulnerabilities - CVE-2021-25329 and CVE-2021-25122

Affected versions of Atlassian Jira Server and Data Center are susceptible to Tomcat PersistenceManager vulnerabilities. Affected versions: ≤ 8.16.0 Fixed versions: pending...

CVSS 7.5, AI score 7.1, EPSS 0.02775
Exploits 15
Veracode
added 2021/03/03 6:5 a.m., 51 views

Remote Code Execution

tomcat-catalina is vulnerable to remote code execution. If a remote attacker knows and is able to control the contents and name of a file, remote code execution can be achieved if the server is configured to use PersistenceManager with a FileStore and the PersistenceManager is configured with the...

CVSS 7, AI score 5.4, EPSS 0.93464
Exploits 15, References 30, Affected Software 2
RedhatCVE
added 2021/03/02 12:32 p.m., 76 views

CVE-2021-25329

The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the...

CVSS 7.5, AI score 7.4, EPSS 0.93464
Exploits 15, References 8
GithubExploit
added 2020/12/31 9:54 p.m., 231 views

Exploit for Deserialization of Untrusted Data in Apache Tomcat

Remote Code Execution Exploit in Apache Tomcat 9.0.27 Apache...

CVSS 7, AI score 8.3, EPSS 0.93464
Exploits 15
Tenable Nessus
added 2020/08/06 12:0 a.m., 54 views

Ubuntu 16.04 LTS : Tomcat vulnerabilities (USN-4448-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4448-1 advisory. It was discovered that Tomcat incorrectly validated the payload length in a WebSocket frame. A remote attacker could possibly use this issue to cause...

CVSS 7.5, AI score 8, EPSS 0.93464
Exploits 16, References 4
Mageia
added 2020/07/05 11:26 a.m., 50 views

Updated tomcat packages fix security vulnerability

Updated tomcat packages fix security vulnerability: When using Apache Tomcat versions 9.0.0.M1 to 9.0.34, if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager ...

CVSS 7, AI score 4.5, EPSS 0.93464
Exploits 15, References 2
Amazon
added 2020/06/30 12:0 a.m., 68 views

Important: tomcat

Issue Overview: When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and ...

CVSS 7, AI score 8.4, EPSS 0.93464
Exploits 15
Amazon
added 2020/06/26 12:0 a.m., 84 views

Important: tomcat8

Issue Overview: When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and ...

CVSS 7, AI score 8.4, EPSS 0.93464
Exploits 15
Amazon
added 2020/06/26 12:0 a.m., 77 views

Important: tomcat7

Issue Overview: When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and ...

CVSS 7, AI score 8.4, EPSS 0.93464
Exploits 15
Github Security Blog
added 2020/05/21 6:52 p.m., 1089 views

Potential remote code execution in Apache Tomcat

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the...

CVSS 7, AI score 5.9, EPSS 0.93464
Exploits 15, References 55, Affected Software 2
Veracode
added 2020/05/21 3:52 a.m., 43 views

Remote Code Execution

tomcat-catalina is vulnerable to remote code execution. If a remote attacker knows and is able to control the contents and name of a file, remote code execution can be achieved if the server is configured to use PersistenceManager with a FileStore and the PersistenceManager is configured with the...

CVSS 7, AI score 6.4, EPSS 0.93464
Exploits 15, References 66, Affected Software 11
RedhatCVE
added 2020/05/20 11:25 p.m., 66 views

CVE-2020-9484

A deserialization flaw was discovered in Apache Tomcat's use of a FileStore. Under specific circumstances, an attacker can use a specially crafted request to trigger Remote Code Execution through deserialization of the file under their control. The highest threat from the vulnerability is to data...

CVSS 4.4, AI score 7.6, EPSS 0.93464
Exploits 15, References 8
OSV
added 2020/05/20 7:15 p.m., 29 views

CVE-2020-9484

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the...

CVSS 7, AI score 7.9, EPSS 0.93464
Exploits 15, References 42
NVD
added 2020/05/20 7:15 p.m., 35 views

CVE-2020-9484

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the...

CVSS 7, AI score 7.5, EPSS 0.93464
Exploits 15, References 42
UbuntuCve
added 2020/05/20 7:15 p.m., 49 views

CVE-2020-9484

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the...

CVSS 7, AI score 7.3, EPSS 0.93464
Exploits 15, References 12