Lucene search
K
OracleMicros Relate Crm Software

4 matches found

CVE
CVE
added 2019/12/23 4:39 p.m.1245 views

CVE-2019-17563

Tomcat CVE-2019-17563: A race-condition in FORM authentication allowed a session-fixation window in Tomcat 9.0.0.M1–9.0.29, 8.5.0–8.5.49, and 7.0.0–7.0.98. The issue is acknowledged as a vulnerability with practical exploitation not detailed in the provided docs. Affected products: Apache Tomcat....

7.5CVSS7.7AI score0.10687EPSS
CVE
CVE
added 2017/04/06 9:0 p.m.1048 views

CVE-2016-8735

CVE-2016-8735 is a remote code execution vulnerability in Apache Tomcat via JmxRemoteLifecycleListener. Affected are Tomcat releases before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12, when JMX ports are reachable. Root cause: JmxRemoteLifecycleListe...

9.8CVSS8AI score0.90338EPSS
In wild
CVE
CVE
added 2018/02/28 8:0 p.m.391 views

CVE-2018-1304

Apache Tomcat vulnerability CVE-2018-1304 arises from incorrect handling of the empty string URL pattern ("") in security constraint processing, allowing unauthorized access to protected resources. Affected versions: Tomcat 9.0.0.M1–9.0.4, 8.5.0–8.5.27, 8.0.0.RC1–8.0.49, and 7.0.0–7.0.84. This is...

5.9CVSS6.7AI score0.17378EPSS
CVE
CVE
added 2018/02/23 11:0 p.m.358 views

CVE-2018-1305

Apache Tomcat contains CVE-2018-1305, where security constraints defined by Servlet annotations were only applied after a Servlet load, potentially allowing unauthorized access to resources depending on the order of loading. Affected releases span 7.0.0–7.0.84, 8.0.0.RC1–8.0.49, 8.5.0–8.5.27, and...

6.5CVSS6.3AI score0.14737EPSS