41 matches found

Nuclei
added 3 days ago · 133 views

Apache Tomcat - Remote Code Execution

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false), it was possible to upload a JSP file to the server via a specially crafted...

CVSS 8.1 · AI score 7.2 · EPSS 0.9438
Exploits: 22 · References: 5

CVE
added 2025/12/04 3:31 p.m. · 16 views

CVE-2025-40223

In CVE-2025-40223, the Linux kernel MOST/hdm_disconnect path could suffer use-after-free or double-free when unregistering the MOST interface device. The fix relocates frees of mdev-owned allocations into release_mdev() so they run once when the device is truly released, and removes redundant put...

AI score 6.2 · EPSS 0.00058
Exploits: 0 · References: 7

Positive Technologies
added 2025/01/01 12:0 a.m. · 0 views

PT-2025-30851

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A use-after-free issue exists in the kernel’s ksmbd module related to oplock/lease break acknowledgements. If the ksmbd_iov_pin_rsp function returns an error, accessing opinfo-state can...

CVSS 7.8 · AI score 6.9 · EPSS 0.00071
Exploits: 0

Positive Technologies
added 2023/01/04 12:0 a.m. · 2 views

PT-2023-1016 · Vim +8

Name of the Vulnerable Software and Affected Versions: Vim versions prior to 9.0.1144. Description: The issue is related to a heap-based buffer overflow in the msg_puts_printf function of the Vim text editor, which can be exploited to execute arbitrary code on the target system. This is a result o...

CVSS 9.8 · AI score 7.7 · EPSS 0.00451
Exploits: 16 · References: 115

IBM Security Bulletins
added 2022/04/01 4:38 p.m. · 86 views

Security Bulletin: Cloud Pak for Security contains packages that have multiple vulnerabilities

Summary: Cloud Pak for Security v1.9.0.0 and earlier may be vulnerable to multiple CVEs through the use of dependency packages. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to...

CVSS 10 · AI score 10.3 · EPSS 0.94469
Exploits: 108 · Affected Software: 1

CISA KEV Catalog
added 2022/03/25 12:0 a.m. · 51 views

Apache Tomcat on Windows Remote Code Execution Vulnerability

When running Apache Tomcat on Windows with HTTP PUTs enabled, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server...

CVSS 8.1 · AI score 2.6 · EPSS 0.94231
In wild · Exploits: 17

Tenable Nessus
added 2019/05/13 12:0 a.m. · 29 views

Apache Tomcat 7.0.x < 7.0.82 RCE

Binary data 700675.pasl...

CVSS 8.1 · AI score 8.3 · EPSS 0.9438
Exploits: 22 · References: 2

Tenable Nessus
added 2019/05/13 12:0 a.m. · 161 views

Apache Tomcat 7.0.x < 7.0.81 Multiple Vulnerabilities

Binary data 700674.pasl...

CVSS 8.1 · AI score 7.2 · EPSS 0.94231
Exploits: 17 · References: 2

Tenable Nessus
added 2019/05/13 12:0 a.m. · 26 views

Apache Tomcat 9.0.x < 9.0.1 RCE

Binary data 700703.pasl...

CVSS 8.1 · AI score 8.8 · EPSS 0.9438
Exploits: 22 · References: 2

Veracode
added 2019/01/15 9:19 a.m. · 63 views

Unrestricted File Upload

tomcat-catalina is vulnerable to remote code execution (RCE) attacks. On a Windows system with HTTP PUTs enabled, a malicious user can upload a JSP file to the server which would then be executed...

CVSS 8.1 · AI score 8.4 · EPSS 0.94231
Exploits: 17 · References: 21 · Affected Software: 10

Tenable Nessus
added 2018/11/05 12:0 a.m. · 487 views

Apache Tomcat 8.5.x < 8.5.23 Remote Code Execution via JSP Upload

The version of Apache Tomcat installed on the remote host is 8.5.x prior to 8.5.23. It is, therefore, affected by an unspecified vulnerability when running with HTTP PUTs enabled (e.g. via setting the readonly initialization parameter of the Default to false) that makes it possible to upload a JSP...

CVSS 8.1 · AI score 7.4 · EPSS 0.9438
Exploits: 22 · References: 2

Tenable Nessus
added 2018/11/05 12:0 a.m. · 87 views

Apache Tomcat 7.0.x < 7.0.82 Remote Code Execution via JSP Upload

The version of Apache Tomcat installed on the remote host is 7.0.x prior to 7.0.82. It is, therefore, affected by an unspecified vulnerability when running on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialization parameter of the Default to false) makes it possible to upload ...

CVSS 8.1 · AI score 7.4 · EPSS 0.9438
Exploits: 22 · References: 2

Tenable Nessus
added 2018/11/05 12:0 a.m. · 55 views

Apache Tomcat 7.0.x < 7.0.81 Multiple Vulnerabilities

The version of Apache Tomcat installed on the remote host is 7.0.x prior to 7.0.81. It is, therefore, affected by multiple vulnerabilities: - An unspecified vulnerability when running on Windows with HTTP PUTs enabled, e.g. via setting the readonly initialization parameter of the Default to false...

CVSS 8.1 · AI score 7.8 · EPSS 0.9438
Exploits: 37 · References: 3

Tenable Nessus
added 2018/11/05 12:0 a.m. · 24 views

Apache Tomcat 9.0.0.M1 < 9.0.1 Remote Code Execution via JSP Upload

The version of Apache Tomcat installed on the remote host is 9.0.0.M1 or later but prior to 9.0.1. It is, therefore, affected by an unspecified vulnerability when running with HTTP PUTs enabled (e.g. via setting the readonly initialization parameter of the Default to false) that makes it possible t...

CVSS 8.1 · AI score 7.5 · EPSS 0.9438
Exploits: 22 · References: 2

GitHub Security Blog
added 2018/10/17 4:30 p.m. · 74 views

When running Apache Tomcat on Windows with HTTP PUTs enabled it was possible to upload a JSP file to the server

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false), it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it containe...

CVSS 8.1 · AI score 1.7 · EPSS 0.94231
Exploits: 17 · References: 28 · Affected Software: 1

IBM Security Bulletins
added 2018/06/17 5:23 a.m. · 59 views

Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Team Server shipped with Jazz Reporting Service (CVE-2017-12615, CVE-2017-12616, CVE-2017-12617)

Summary: Jazz Team Server is shipped as a component of Jazz Reporting Service (JRS). Information about multiple security vulnerabilities affecting Jazz Team Server and Jazz-based products has been published in a security bulletin. Vulnerability Details: CVEID: CVE-2017-12617 DESCRIPTION: Apache Tomca...

CVSS 8.1 · AI score 1 · EPSS 0.9438
Exploits: 37 · Affected Software: 1

IBM Security Bulletins
added 2018/06/17 5:23 a.m. · 60 views

Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Reporting for Development Intelligence (CVE-2017-12615, CVE-2017-12616, CVE-2017-12617)

Summary: Jazz Reporting Service is shipped as a component of Rational Reporting for Development Intelligence (RRDI). Information about multiple security vulnerabilities affecting Jazz Reporting Service has been published in a security bulletin. Vulnerability Details: CVEID: CVE-2017-12617 DESCRIPTION...

CVSS 8.1 · AI score 0.9 · EPSS 0.9438
Exploits: 37 · Affected Software: 1

OpenVAS
added 2018/06/05 12:0 a.m. · 66 views

Ubuntu: Security Advisory (USN-3665-1)

The remote host is missing an update for the ...

CVSS 9.8 · AI score 7.5 · EPSS 0.9438
Exploits: 28 · References: 4

Tenable Nessus
added 2018/05/31 12:0 a.m. · 128 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Tomcat vulnerabilities (USN-3665-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3665-1 advisory. It was discovered that Tomcat incorrectly handled being configured with HTTP PUTs enabled. A remote attacker could use this issue...

CVSS 9.8 · AI score 7.7 · EPSS 0.9438
Exploits: 28 · References: 7

Ubuntu
added 2018/05/30 5:47 p.m. · 152 views

USN-3665-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled being configured with HTTP PUTs enabled. A remote attacker could use this issue to upload a JSP file to the server and execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 17.10. CVE-2017-12616,...

CVSS 9.8 · AI score 7.5 · EPSS 0.9438
Exploits: 28