Lucene search
K

60 matches found

vulnersOsv
vulnersOsv
added 2026/04/09 9:31 p.m.7 views

org.apache.tomee.bom:tomee-microprofile (>=10.0.0 <=10.0.0-M3), org.apache.tomee.bom:tomee-plume (>=10.0.0 <=10.0.0-M3) +2 more potentially affected by CVE-2026-34500 via org.apache.tomcat:tomcat-coyote-ffm (>=10.1.30 <=10.1.52)

org.apache.tomcat:tomcat-coyote-ffm MAVEN version =10.1.30, =10.0.0, =10.0.0, =10.0.0, =10.0.0, =10.1.4 Source cves: CVE-2026-34500 Source advisory: OSV:GHSA-24J9-X2WG-9QV6...

6.5CVSS5.8AI score0.00469EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/09 9:31 p.m.4 views

org.apache.tomee.bom:tomee-microprofile (>=10.0.0 <=10.0.0-M3), org.apache.tomee.bom:tomee-plume (>=10.0.0 <=10.0.0-M3) +2 more potentially affected by CVE-2026-29145 via org.apache.tomcat:tomcat-coyote-ffm (>=10.1.30 <=10.1.52)

org.apache.tomcat:tomcat-coyote-ffm MAVEN version =10.1.30, =10.0.0, =10.0.0, =10.0.0, =10.0.0, =10.1.4 Source cves: CVE-2026-29145 Source advisory: OSV:GHSA-95JQ-RWVF-VJX4...

9.1CVSS5.4AI score0.00715EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/04/08 9:0 p.m.7 views

org.apache.tomee.bom:tomee-microprofile (>=10.0.0 <=10.0.0-M3), org.apache.tomee.bom:tomee-plume (>=10.0.0 <=10.0.0-M3) +2 more potentially affected by CVE-2026-29145 via org.apache.tomcat:tomcat-coyote-ffm (>=10.1.30 <=10.1.52)

org.apache.tomcat:tomcat-coyote-ffm MAVEN version =10.1.30, =10.0.0, =10.0.0, =10.0.0, =10.0.0, =10.1.4 Source cves: CVE-2026-29145 Source advisory: SNYK:JAVA-ORGAPACHETOMCAT-15989807...

9.1CVSS5.8AI score0.00715EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/04/08 9:0 p.m.6 views

org.apache.tomee.bom:tomee-microprofile (>=10.0.0 <=10.0.0-M3), org.apache.tomee.bom:tomee-plume (>=10.0.0 <=10.0.0-M3) +2 more potentially affected by CVE-2026-34500 via org.apache.tomcat:tomcat-coyote-ffm (>=10.1.30 <=10.1.52)

org.apache.tomcat:tomcat-coyote-ffm MAVEN version =10.1.30, =10.0.0, =10.0.0, =10.0.0, =10.0.0, =10.1.4 Source cves: CVE-2026-34500 Source advisory: SNYK:JAVA-ORGAPACHETOMCAT-15989819...

6.5CVSS5.8AI score0.00469EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/02/16 10:0 p.m.9 views

org.apache.tomee.bom:tomee-microprofile (>=10.0.0 <=10.0.0-M3), org.apache.tomee.bom:tomee-plume (>=10.0.0 <=10.0.0-M3) +2 more potentially affected by CVE-2026-24734 via org.apache.tomcat:tomcat-coyote-ffm (>=10.1.30 <=10.1.49)

org.apache.tomcat:tomcat-coyote-ffm MAVEN version =10.1.30, =10.0.0, =10.0.0, =10.0.0, =10.0.0, =10.1.3 Source cves: CVE-2026-24734 Source advisory: SNYK:JAVA-ORGAPACHETOMCAT-15307823...

7.5CVSS6.6AI score0.00498EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-0794

Malware in sbrugna...

9.8CVSS9.3AI score0.0987EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3769

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.02003EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-1105

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.03654EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-0901

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.04115EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/05/22 5:24 p.m.6 views

CVE-2020-11969

If Apache TomEE is configured to use the embedded ActiveMQ broker, and the broker URI includes the useJMX=true parameter, a JMX port is opened on TCP port 1099, which does not include authentication. This affects Apache TomEE 8.0.0-M1 - 8.0.1, Apache TomEE 7.1.0 - 7.1.2, Apache TomEE 7.0.0-M1 -...

9.8CVSS9.3AI score0.04115EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:18 p.m.6 views

CVE-2020-13931

If Apache TomEE 8.0.0-M1 - 8.0.3, 7.1.0 - 7.1.3, 7.0.0-M1 - 7.0.8, 1.0.0 - 1.7.5 is configured to use the embedded ActiveMQ broker, and the broker config is misconfigured, a JMX port is opened on TCP port 1099, which does not include authentication. CVE-2020-11969 previously addressed the creatio...

9.8CVSS6.8AI score0.04115EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:9 a.m.4 views

SUSE CVE-2016-0779

The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object...

9.8CVSS8AI score0.0987EPSS
Exploits0References3
OSV
OSV
added 2022/05/14 1:30 a.m.1 views

GHSA-FG44-W3FR-HGXV Apache TomEE console vulnerable to Cross-site Scripting

The Apache TomEE console tomee-webapp has a XSS vulnerability which could allow javascript to be executed if the user is given a malicious URL. This web application is typically used to add TomEE features to a Tomcat installation. The TomEE bundles do not ship with this application included. This...

6.1CVSS5.9AI score0.02003EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/14 1:30 a.m.29 views

Apache TomEE console vulnerable to Cross-site Scripting

The Apache TomEE console tomee-webapp has a XSS vulnerability which could allow javascript to be executed if the user is given a malicious URL. This web application is typically used to add TomEE features to a Tomcat installation. The TomEE bundles do not ship with this application included. This...

6.1CVSS1.1AI score0.02003EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/02/10 11:7 p.m.19 views

GHSA-836G-5FR5-FGCR Missing Authentication for Critical Function in Apache TomEE

If Apache TomEE is configured to use the embedded ActiveMQ broker, and the broker URI includes the useJMX=true parameter, a JMX port is opened on TCP port 1099, which does not include authentication. This affects Apache TomEE 8.0.0-M1 - 8.0.1, Apache TomEE 7.1.0 - 7.1.2, Apache TomEE 7.0.0-M1 -...

9.8CVSS9.3AI score0.04115EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2022/02/10 11:7 p.m.45 views

Missing Authentication for Critical Function in Apache TomEE

If Apache TomEE is configured to use the embedded ActiveMQ broker, and the broker URI includes the useJMX=true parameter, a JMX port is opened on TCP port 1099, which does not include authentication. This affects Apache TomEE 8.0.0-M1 - 8.0.1, Apache TomEE 7.1.0 - 7.1.2, Apache TomEE 7.0.0-M1 -...

9.8CVSS2.3AI score0.04115EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
added 2022/02/09 10:44 p.m.44 views

Remote code execution in Apache TomEE

If Apache TomEE 8.0.0-M1 - 8.0.3, 7.1.0 - 7.1.3, 7.0.0-M1 - 7.0.8, 1.0.0 - 1.7.5 is configured to use the embedded ActiveMQ broker, and the broker config is misconfigured, a JMX port is opened on TCP port 1099, which does not include authentication. CVE-2020-11969 previously addressed the creatio...

9.8CVSS2.1AI score0.03654EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/02/09 10:44 p.m.9 views

GHSA-MP28-RQ7G-QX62 Remote code execution in Apache TomEE

If Apache TomEE 8.0.0-M1 - 8.0.3, 7.1.0 - 7.1.3, 7.0.0-M1 - 7.0.8, 1.0.0 - 1.7.5 is configured to use the embedded ActiveMQ broker, and the broker config is misconfigured, a JMX port is opened on TCP port 1099, which does not include authentication. CVE-2020-11969 previously addressed the creatio...

9.8CVSS7.2AI score0.03654EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/04/13 12:0 a.m.5 views

The vulnerability of the Apache TomEE application server, related to authentication errors, allows attackers to escalate their privileges, execute arbitrary code, or cause service failures.

The vulnerability of the Apache TomEE application server is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to increase their privileges, execute arbitrary code, or cause service failures...

9.8CVSS8AI score0.04115EPSS
Exploits0References8Affected Software1
OpenVAS
OpenVAS
added 2020/12/21 12:0 a.m.17 views

Apache TomEE JMX Vulnerability (CVE-2020-13931)

Apache TomEE is prone to a misconfiguration vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...

9.8CVSS9.5AI score0.03654EPSS
Exploits0References1
Rows per page
Query Builder