Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Tenable Nessus
Tenable Nessusadded 2024/06/03 12:0 a.m.28 views

RHEL 7 : jetty (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jetty: Timing channel attack in util/security/Password.java CVE-2017-9735 - jetty: full server path...

7.5CVSS7.4AI score0.05795EPSS
Exploits1References3
Tenable Nessus
Tenable Nessusadded 2024/05/11 12:0 a.m.36 views

RHEL 7 : jetty (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jetty: Timing channel attack in util/security/Password.java CVE-2017-9735 - jetty: crafted URIs allow...

7.5AI score0.99298EPSS
Exploits18References13
Tenable Nessus
Tenable Nessusadded 2024/05/11 12:0 a.m.44 views

RHEL 6 : jetty (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jetty: Timing channel attack in util/security/Password.java CVE-2017-9735 - jetty: error path information...

8.1AI score0.7795EPSS
Exploits1References5
OpenVAS
OpenVASadded 2022/01/28 12:0 a.m.31 views

Mageia: Security Advisory (MGASA-2017-0277)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.05795EPSS
Exploits0References4
OSV
OSVadded 2018/10/19 4:15 p.m.90 views

GHSA-WFCC-PFF6-RGC5 Jetty vulnerable to exposure of sensitive information due to observable discrepancy

Jetty through 9.4.x contains a timing channel attack in util/security/Password.java, which allows attackers to obtain access by observing elapsed times before rejection of incorrect passwords...

7.5CVSS7.3AI score0.05795EPSS
Exploits0References16
Mageia
Mageiaadded 2017/08/18 5:6 p.m.44 views

Updated jetty packages fix security vulnerability

Jetty is prone to a timing channel attack in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords CVE-2017-9735...

7.5CVSS4.5AI score0.05795EPSS
Exploits0References2
OSV
OSVadded 2017/08/18 5:6 p.m.8 views

MGASA-2017-0277 Updated jetty packages fix security vulnerability

Jetty is prone to a timing channel attack in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords CVE-2017-9735...

7.5CVSS7.3AI score0.05795EPSS
Exploits0References3
OSV
OSVadded 2016/10/28 3:59 p.m.5 views

CVE-2016-8871

In Botan 1.11.29 through 1.11.32, RSA decryption with certain padding options had a detectable timing channel which could given sufficient queries be used to recover plaintext, aka an "OAEP side channel" attack...

6.2CVSS6.7AI score
Exploits0References2
Rows per page
Query Builder