Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.5 views

PT-2025-45370

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztp search value’ parameter to the ‘NetworkServlet’ endpoint. Successfu...

9.3CVSS9.2AI score0.00583EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-4028

Malware in sbrugna...

5.3CVSS5.5AI score0.01595EPSS
Exploits1References5
OSV
OSV
added 2025/07/10 10:46 a.m.29 views

BIT-TOMCAT-2025-24813 Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT

Path Equivalence: 'file.Name' Internal Dot leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0 through 11.0.2, from 10.1.0 through 10.1.34,...

10CVSS7.7AI score0.99945EPSS
Exploits46References11
NVD
NVD
added 2025/03/10 5:15 p.m.34 views

CVE-2025-24813

Path Equivalence: 'file.Name' Internal Dot leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through...

10CVSS0.99945EPSS
Exploits46References10
OSV
OSV
added 2018/02/28 1:55 p.m.17 views

MGASA-2018-0149 Updated tomcat packages fix security vulnerabilities

In Tomcat 8.0.45, the description of the search algorithm used by the CGI Servlet to identify which script to execute was updated. The update was not correct. As a result, some scripts may have failed to execute as expected and other scripts may have been executed unexpectedly. Note that the...

6.5CVSS6.6AI score0.17716EPSS
Exploits2References4
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.35 views

CVE-2002-1394

Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148...

6.5AI score0.05254EPSS
Exploits0References11
NVD
NVD
added 2000/10/20 4:0 a.m.16 views

CVE-2000-0774

The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals the real pathname of the web document root...

5CVSS6.6AI score0.01477EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2000/07/24 12:0 a.m.41 views

IBM Websphere Application Server 2.0./3.0/3.0.2.1 - Showcode

source: https://www.securityfocus.com/bid/1500/info Certain versions of the IBM WebSphere application server ship with a vulnerability which allows malicious users to view the source of any document which resides in the web document root directory. This is possible via a flaw which allows a defau...

7.4AI score
Exploits0
Rows per page
Query Builder