Lucene search

1163 matches found

RedHat Linux
added 2010/08/02 8:39 p.m. | 2 views

tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling...

CVSS: 6.4 | AI score: 6.2 | EPSS: 0.54779
Exploits: 2 | References: 4

RedHat Linux
added 2010/08/02 8:39 p.m. | 59 views

Important: Red Hat Security Advisory: tomcat5 and tomcat6 security update

Updated tomcat5 and tomcat6 packages that fix one security issue are now available for JBoss Enterprise Web Server 1.0.1 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS...

CVSS: 6.4 | AI score: 6 | EPSS: 0.54779
Exploits: 2 | References: 4

RedHat Linux
added 2010/08/02 8:18 p.m. | 4 views

tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling...

CVSS: 6.4 | AI score: 6.2 | EPSS: 0.54779
Exploits: 2 | References: 4

RedHat Linux
added 2010/08/02 8:17 p.m. | 3 views

tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling...

CVSS: 6.4 | AI score: 6.2 | EPSS: 0.54779
Exploits: 2 | References: 4

RedHat Linux
added 2010/08/02 8:17 p.m. | 3 views

tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling...

CVSS: 6.4 | AI score: 6.2 | EPSS: 0.54779
Exploits: 2 | References: 4

RedHat Linux
added 2010/08/02 8:0 p.m. | 4 views

tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling...

CVSS: 6.4 | AI score: 6.2 | EPSS: 0.54779
Exploits: 2 | References: 4

Tenable Nessus
added 2010/07/16 12:0 a.m. | 62 views

Apache Tomcat 5.5.x < 5.5.30

According to its self-reported version number, the Apache Tomcat server listening on the remote host is 5.5.x prior to 5.5.30. It is, therefore, affected by multiple vulnerabilities : - An error in the access restriction on a 'ServletContext' attribute which holds the location of the work directo...

CVSS: 6.4 | AI score: 6.2 | EPSS: 0.54779
Exploits: 9 | References: 7

NVD
added 2010/07/13 5:30 p.m. | 21 views

CVE-2010-2227

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling...

CVSS: 6.4 | AI score: 5.3 | EPSS: 0.54779
Exploits: 2 | References: 48

ATTACKERKB
added 2010/07/13 5:30 p.m. | 4 views

CVE-2010-2227

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling...

CVSS: 6.4 | AI score: 5.4 | EPSS: 0.54779
Exploits: 2 | References: 58

Prion
added 2010/07/13 5:30 p.m. | 26 views

Buffer overflow

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling...

CVSS: 6.4 | AI score: 7 | EPSS: 0.54779
Exploits: 2 | References: 48 | Affected Software: 1

Cvelist
added 2010/07/13 5:0 p.m. | 27 views

CVE-2010-2227

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling...

AI score: 4.6 | EPSS: 0.54779
Exploits: 2 | References: 48

UbuntuCve
added 2010/07/13 12:0 a.m. | 35 views

CVE-2010-2227

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling...

CVSS: 6.4 | AI score: 6.3 | EPSS: 0.54779
Exploits: 2 | References: 2

securityvulns
added 2010/07/13 12:0 a.m. | 56 views

Apache Tomcat DoS and information leak

Several flaws in the handling of the 'Transfer-Encoding' header...

CVSS: 6.4 | AI score: 1.1 | EPSS: 0.54779
Exploits: 2 | References: 1 | Affected Software: 1

securityvulns
added 2010/07/13 12:0 a.m. | 93 views

[SECURITY] CVE-2010-2227: Apache Tomcat Remote Denial Of Service and Information Disclosure Vulnerability

CVE-2010-2227: Apache Tomcat Remote Denial Of Service and Information Disclosure Vulnerability. Severity: Important. Vendor: The Apache Software Foundation. Versions Affected: Tomcat 5.5.0 to 5.5.29, Tomcat 6.0.0 to 6.0.27, Tomcat 7.0.0. Note: 7.0.0 is stil...

CVSS: 6.4 | AI score: 4.4 | EPSS: 0.54779
Exploits: 2

Apache Tomcat
added 2010/07/09 12:0 a.m. | 50 views

Fixed in Apache Tomcat 6.0.28

Important: Remote Denial Of Service and Information Disclosure Vulnerability CVE-2010-2227 Several flaws in the handling of the 'Transfer-Encoding' header were found that prevented the recycling of a buffer. A remote attacker could trigger this flaw which would cause subsequent requests to fail...

CVSS: 6.4 | AI score: 5.6 | EPSS: 0.54779
Exploits: 2 | Affected Software: 1

Exploit DB
added 2010/07/08 12:0 a.m. | 49 views

BEA Weblogic - Transfer-Encoding Buffer Overflow (Metasploit)

$Id: beaweblogictransferencoding.rb 9744 2010-07-08 23:34:50Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVSS: 10 | AI score: 7 | EPSS: 0.56268
Exploits: 9

Exploit DB
added 2010/06/22 12:0 a.m. | 30 views

The Uploader 2.0.4 - Remote File Disclosure

The Uploader 2.0.4 Remote File disclosure Vulnerability. Script Name: The Uploader. Version: 2.0.4. Language: php. Author: Xa7m3d...

AI score: 7.4
Exploits: 0

NVD
added 2010/05/17 10:30 p.m. | 27 views

CVE-2010-0776

The Web Container in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 does not properly handle chunked transfer encoding during a call to response.sendRedirect, which allows remote attackers to cause a denial of service via a GET request...

CVSS: 5 | AI score: 6.3 | EPSS: 0.01617
Exploits: 1 | References: 2

Cvelist
added 2010/05/17 10:0 p.m. | 38 views

CVE-2010-0776

The Web Container in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 does not properly handle chunked transfer encoding during a call to response.sendRedirect, which allows remote attackers to cause a denial of service via a GET request...

AI score: 6.2 | EPSS: 0.01617
Exploits: 1 | References: 2

Packet Storm
added 2009/11/26 12:0 a.m. | 59 views

BEA Weblogic Transfer-Encoding Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'BEA Weblogic...

CVSS: 10 | AI score: 1 | EPSS: 0.56268
Exploits: 9