7 matches found

OSV
added 2026/03/24 10:21 a.m. | 41 views

BIT-TOMCAT-2023-28708 Apache Tomcat: JSESSIONID Cookie missing secure attribute in some configurations

When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 10.1.0 to 10.1.5, 9.0.0 to 9.0.71 and 8.5.0 to 8.5.85 did not include the secure attribute. This could result in the...

CVSS 4.3 | AI score 6.7 | EPSS 0.0011
Exploits 0 | References 3
Debian
added 2025/04/02 3:12 a.m. | 21 views

[SECURITY] [DLA 4108-1] tomcat9 security update

Debian LTS Advisory DLA-4108-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany April 02, 2025 https://wiki.debian.org/LTS Package : tomcat9 Version : 9.0.43-2deb11u12 CVE ID : CVE-2025-24813 A security vulnerability was found in Tomcat 9, a Java based web server a...

CVSS 10 | AI score 7.4 | EPSS 0.9413
Exploits 45
Tenable Nessus
added 2025/01/17 12:0 a.m. | 23 views

Debian dla-4017 : libtomcat9-embed-java - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4017 advisory. Debian LTS Advisory DLA-4017-1 [email protected]...

CVSS 9.8 | AI score 7.7 | EPSS 0.84587
Exploits 16 | References 13
GithubExploit
added 2021/12/12 9:45 p.m. | 424 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4j-poc An LDAP RCE exploit for CVE-2021-44228 Log4Shell...

CVSS 10 | AI score 9 | EPSS 0.94358
Exploits 343
Tenable Nessus
added 2019/09/19 12:0 a.m. | 47 views

Ubuntu 18.04 LTS : Tomcat vulnerabilities (USN-4128-2)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4128-2 advisory. It was discovered that the Tomcat 9 SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to...

CVSS 7.5 | AI score 6.8 | EPSS 0.713
Exploits 3 | References 3
Ubuntu
added 2019/09/18 2:8 p.m. | 141 views

USN-4128-2: Tomcat vulnerabilities

It was discovered that the Tomcat 9 SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform an XSS attack. CVE-2019-0221 It was discovered that Tomcat 9 did not address HTTP/2 connection window exhaustion on write while addressing...

CVSS 7.5 | AI score 6.7 | EPSS 0.713
Exploits 3
Tenable Nessus
added 2018/11/05 12:0 a.m. | 12 views

Apache Tomcat 9.0.0.M1 < 9.0.8 Denial of Service

The version of Apache Tomcat installed on the remote host is 9.0.x prior to 9.0.8. It is, therefore, affected by a denial of service due to a bug in UTF-8 decoder. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. ...

CVSS 7.5 | AI score 7.3 | EPSS 0.19417
Exploits 0 | References 2