26 matches found
EUVD-2019-10390
Malware in sbrugna...
EUVD-2019-18368
Malware in sbrugna...
EUVD-2020-7907
Malware in sbrugna...
CVE-2020-15936
A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets...
CVE-2019-8981
tls1.c in Cameron Hamilton-Rich axTLS before 2.1.5 has a Buffer Overflow via a crafted sequence of TLS packets because the needbytes value is mismanaged...
CVE-2024-20402
A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. This...
CVE-2024-20402
A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. This...
USN-6943-1: Tomcat vulnerabilities
It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore configurations. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected tomcat8 for Ubuntu 18.04 LTS CVE-2020-9484 It was discovered that Tomcat...
USN-6943-1 tomcat8, tomcat9 vulnerabilities
It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore configurations. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected tomcat8 for Ubuntu 18.04 LTS CVE-2020-9484 It was discovered that Tomcat...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Tomcat vulnerabilities (USN-6943-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6943-1 advisory. It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore configurations. ...
The vulnerability of Microprogrammed Software Sources for APC Smart-UPS battery backup systems of the SMT, SMC, SMTL, SCL, SMX series is related to errors in processing TLS packets. This vulnerability allows a hacker to execute arbitrary code.
The vulnerability of Microprogrammed Software Sources for APC Smart-UPS battery backup systems of the SMT, SMC, SMTL, SCL, and SMX series is related to errors in processing TLS packets. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2020-15936
A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets...
CVE-2020-15936
A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets...
Protect
An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in FortiOS may allow a privileged attacker to disclose sensitive information via SNI Client Hello TLS packets...
Security Bulletin: IBM UrbanCode Build is affected by CVE-2021-41079
Summary IBM UrbanCode Build is affected by CVE-2021-41079 Vulnerability Details CVEID: CVE-2021-41079 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by improper input validation of TLS packets. By sending a specially-crafted TLS packet, a remote attacker could exploit thi...
SUSE SLES15: tomcat / tomcat-admin-webapps / tomcat-el-3_0-api / etc (SUSE-SU-2021:3670-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3670-1 advisory. - CVE-2021-30640: Escape parameters in JNDI Realm queries bsc1188279. - CVE-2021-33037: Process T-E header from both HTTP 1.0 and...
SUSE SLES12: javapackages-tools / tomcat / tomcat-admin-webapps / etc (SUSE-SU-2021:3602-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3602-1 advisory. This update for tomcat, javapackages-tools fixes the following issue: Security issue fixed: - CVE-2021-30640: Escape parameters in...
Updated tomcat packages fix security vulnerability
A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. CVE-2021-30640 Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not...
OESA-2021-1393 tomcat security update
The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License version 2. The Apache Tomcat project is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open developmen...
Debian DSA-4986-1 : tomcat9 - security update
The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4986 advisory. - A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the...