18 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-9256
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex patter...
tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE
A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...
MiracleLinux 8 : cryptsetup-2.3.3-4.el8.1 (AXSA:2022-3029:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3029:01 advisory. cryptsetup: disable encryption via header rewrite CVE-2021-4122 Tenable has extracted the preceding description block directly from the MiracleLinux security...
tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE
A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...
tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE
A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...
tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE
A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...
tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE
A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...
tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE
A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...
Important: tomcat10
Issue Overview: Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could...
tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE
A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...
CVE-2025-55752 Apache Tomcat: Directory traversal via rewrite with possible RCE if PUT is enabled
Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the...
Fixed in Apache Tomcat 9.0.109
Low: Console manipulation via escape sequences in log messages CVE-2025-55754 Tomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Windows operating system, and the console supported ANSI escape sequences, it was possible for an attacker to use a...
OS Command Injection in file editor
Description Deploy and run gogs. Proof of Concept 1. Create a repository and upload a file named config to the repository repo6. The content of the file is as follows: xml core repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true ignorecase = true precomposeunicode =...
CVE-2021-39991
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality...
Moxa UC-7408 Firmware Rewrite Vulnerability
Moxa UC-7408 is an embedded industrial computer product from Moxa. A firmware rewrite vulnerability exists in the Moxa UC-7408 that originates from a program failing to perform authentication of critical functions. A remote attacker can exploit this vulnerability to cause an unrecoverable firmwar...
Tor < 0.1.2.16 ControlPort Remote Rewrite Exploit
No description provided by source. !-- Tor 0.1.2.16 with ControlPort enabled not default Exploit for Tor ControlPort torrc Rewrite Vulnerability http://secunia.com/advisories/26301 Rewrites the torrc to log to a different location: C:\Documents and Settings\All Users\Start...
Tor < 0.1.2.16 ControlPort Remote Rewrite Exploit
No description provided by source. !-- Tor 0.1.2.16 with ControlPort enabled not default Exploit for Tor ControlPort "torrc" Rewrite Vulnerability http://secunia.com/advisories/26301...
tor01216-rewrite.txt
t.bat which will run calc.exe on next boot. This is not very silent though, t.bat will contain something like 45 rows of crap which the user will see in about 1 sec, drop me a mail if you have a better way. Either have a TOR user visit this HTML or inject it into her traffic when you're a TOR exi...