Lucene search

6 matches found

Positive Technologies
added 2026/02/09 12:0 a.m. | 3 views

PT-2026-7141

Name of the Vulnerable Software and Affected Versions: Apache HertzBeat versions 1.7.1 through 1.7.9. Description: An issue exists in Apache HertzBeat related to improper neutralization of data within XPath expressions, potentially leading to XPath Injection. This could allow for crafted XPath...

CVSS 8.8 | AI score 5.4 | EPSS 0.00026
Exploits: 0 | References: 6
Packet Storm
added 2025/03/18 12:0 a.m. | 278 views

Apache Tomcat Remote Code Execution / Information Disclosure

This is the formal advisory from Apache regarding the recent partial PUT vulnerability that allows for potential remote code execution or information disclosure. Apache Tomcat versions 11.0.0-M1 to 11.0.2, 10.1.0-M1 to 10.1.34, and 9.0.0.M1 to 9.0.98 are affected. CVE-2025-24813 Potential RCE...

CVSS 9.8 | AI score 7.5 | EPSS 0.9413
Exploits: 44
RedHat Linux
added 2023/10/18 10:16 a.m. | 2 views

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

CVSS 7.5 | AI score 6.7 | EPSS 0.94395
Exploits: 19 | References: 10
Packet Storm
added 2013/10/22 12:0 a.m. | 46 views

Apache Shindig 2.5.0 XXE Injection

CVE-2013-4295: XXE vulnerability In Apache Shindig 2.5.0 PHP Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Shindig PHP 2.5.0 Description: The gadget renderer in the PHP version of Apache Shindig is subject to an XML External Entity XXE Injection attack. The...

CVSS 5 | EPSS 0.17005
Exploits: 1
securityvulns
added 2011/04/13 12:0 a.m. | 78 views

[SECURITY] CVE-2011-1475 Apache Tomcat information disclosure

CVE-2011-1475 Apache Tomcat information disclosure Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Tomcat 7.0.0 to 7.0.11 - Earlier versions are not affected Description: Changes introduced to the HTTP BIO connector to support Servlet 3.0 asynchronous requests did...

CVSS 5 | EPSS 0.11701
Exploits: 0
Packet Storm
added 2009/06/09 12:0 a.m. | 81 views

Apache Tomcat Information Disclosure

CVE-2008-5515: Apache Tomcat information disclosure vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.1.0 to 4.1.39 Tomcat 5.5.0 to 5.5.27 Tomcat 6.0.0 to 6.0.18 The unsupported Tomcat 3.x, 4.0.x and...

CVSS 5 | AI score 5.3 | EPSS 0.72859
Exploits: 1