Lucene search
+L

9 matches found

Rockylinux
Rockylinux
added 2025/07/29 1:40 p.m.12 views

tomcat security update

An update is available for tomcat. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages...

10CVSS9.2AI score0.99945EPSS
Exploits59
RedhatCVE
RedhatCVE
added 2025/07/10 1:30 a.m.7 views

CVE-2025-42978

The widely used component that establishes outbound TLS connections in SAP NetWeaver Application Server Java does not reliably match the hostname that is used for the connection against the wildcard hostname defined in the received certificate of remote TLS server. This might lead to the outbound...

3.5CVSS7.6AI score0.00119EPSS
Exploits0References1
Prion
Prion
added 2023/06/22 1:15 p.m.20 views

Information disclosure

Possible information disclosure in Vaadin 10.0.0 to 10.0.23, 11.0.0 to 14.10.1, 15.0.0 to 22.0.28, 23.0.0 to 23.3.13, 24.0.0 to 24.0.6, 24.1.0.alpha1 to 24.1.0.rc2, resulting in potential information disclosure of class and method names in RPC responses by sending modified requests...

4CVSS4.4AI score0.00514EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/05/14 12:0 a.m.42 views

AlmaLinux 9 : libtiff (ALSA-2023:2340)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2340 advisory. - Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access v...

8.8CVSS6.3AI score0.01237EPSS
Exploits9References11
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/15 6:13 p.m.66 views

Security Bulletin: Information regarding security vulnerability in IBM SDK for Java that is shipped with IBM WebSphere Application Server and addressed by Oracle CPU October 2013

Summary Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server and included in the products that are listed in this document. Vulnerability Details The products that are listed in the Affected product section are shipped with a versio...

4.3CVSS7.7AI score0.03864EPSS
Exploits0Affected Software5
Prion
Prion
added 2022/05/24 3:15 p.m.19 views

Default configuration

The default configuration of a TreeGrid component uses Object::toString as a key on the client-side and server communication in Vaadin 14.8.5 through 14.8.9, 22.0.6 through 22.0.14, 23.0.0.beta2 through 23.0.8 and 23.1.0.alpha1 through 23.1.0.alpha4, resulting in potential information disclosure ...

5CVSS7.3AI score0.00915EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/01/29 6:19 a.m.25 views

CVE-2020-29005

The API in the Push extension for MediaWiki through 1.35 used cleartext for ApiPush credentials, allowing for potential information disclosure...

7.3AI score0.00655EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/03/04 11:25 a.m.25 views

Security Bulletin: Potential information disclosure in WebSphere Application Server shipped with Jazz for Service Management (CVE-2018-1957)

Summary There is a potential information disclosure in WebSphere Application Server CVE-2018-1957 Vulnerability Details CVEID: CVE-2018-1957 DESCRIPTION: IBM WebSphere Application Server could allow sensitive information to be available caused by mishandling of data by the application based on an...

5.5CVSS1AI score0.00405EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 2013/03/13 3:5 p.m.12 views

Potential Information Disclosure and Insufficient Entropy vulnerabilities in Zend\Math\Rand and Zend\Validate\Csrf Components

More info at https://framework.zend.com/security/advisory/ZF2013-02...

7.2AI score
Exploits0Affected Software1
Rows per page
Query Builder