Filter
-Infinity
0

Trending

Last week
Last month
Last year

The RegisterRather than add a backdoor, Apple decides to kill iCloud encryption for UK peeps

First published (updated )
News
The Register

CVE-2024-56337: Apache Tomcat: RCE due to TOCTOU issue in JSP compilation - CVE-2024-50379 mitigation was incomplete

First published (updated )
https://seclists.org/oss-sec/2024/q4/164

CVE-2024-50379: Apache Tomcat: RCE due to TOCTOU issue in JSP compilation

First published (updated )
https://seclists.org/oss-sec/2024/q4/161

CVE-2024-54677: Apache Tomcat: DoS in examples web application

First published (updated )
https://seclists.org/oss-sec/2024/q4/160

CVE-2024-54677: Apache Tomcat: DoS in examples web application

First published (updated )
https://seclists.org/oss-sec/2024/q4/159

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

TomcatRace Condition

medium
4
First published (updated )
REDHAT-BUG-2332817

CVE-2024-54677: Apache Tomcat: DoS in examples web application

First published (updated )
https://seclists.org/oss-sec/2024/q4/158

CVE-2024-50379: Apache Tomcat: RCE due to TOCTOU issue in JSP compilation

First published (updated )
https://seclists.org/oss-sec/2024/q4/157

CVE-2024-52318: Apache Tomcat: Incorct JSP tag cycling leads to XSS

First published (updated )
https://seclists.org/oss-sec/2024/q4/105

CVE-2024-52317: Apache Tomcat: quest/sponse mix-up with HTTP/2

First published (updated )
https://seclists.org/oss-sec/2024/q4/104

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

CVE-2024-52316: Apache Tomcat: Authentication bypass when using Jakarta Authentication API

First published (updated )
https://seclists.org/oss-sec/2024/q4/103

Tomcattomcat packaging allows for escalation to root from tomcat user

high
7.8
First published (updated )
CVE-2024-22029

TomcatTomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryErro…

high
7
First published (updated )
REDHAT-BUG-2314686

TomcatApache Tomcat: Denial of Service

high
8.6
First published (updated )
CVE-2024-38286

CVE-2024-38286: Apache Tomcat: Denial of Service

First published (updated )
https://seclists.org/oss-sec/2024/q3/264

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

TomcatImproper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apac…

high
7
First published (updated )
REDHAT-BUG-2295651

CVE-2024-23672: Apache Tomcat: WebSocket DoS with incomplete closing handshake

First published (updated )
https://seclists.org/oss-sec/2024/q1/226

CVE-2024-24549: Apache Tomcat: HTTP/2 header handling DoS

First published (updated )
https://seclists.org/oss-sec/2024/q1/225

CVE-2024-21733: Apache Tomcat: Leaking of unrelated request bodies in default error page

First published (updated )
https://seclists.org/oss-sec/2024/q1/34

TomcatApache Tomcat: Leaking of unrelated request bodies in default error page

high
7.5
EPSS
0.69%
First published (updated )
CVE-2024-21733

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

CVE-2023-46589: Apache Tomcat: HTTP request smuggling via malformed trailer headers

First published (updated )
https://seclists.org/oss-sec/2023/q4/242

TomcatApache Tomcat: HTTP request smuggling via malformed trailer headers

high
7.5
First published (updated )
CVE-2023-46589

CVE-2023-45648: Apache Tomcat: Trailer header parsing too lenient

First published (updated )
https://seclists.org/oss-sec/2023/q4/79

CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations

First published (updated )
https://seclists.org/oss-sec/2023/q4/75

TomcatApache Tomcat: Trailer header parsing too lenient

medium
5.3
First published (updated )
CVE-2023-45648

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

CVE-2023-42795: Apache Tomcat: Failure during request clean-up leads to sensitive data leaking to subsequent requests

First published (updated )
https://seclists.org/oss-sec/2023/q4/78

TomcatApache Tomcat: Failure during request clean-up leads to sensitive data leaking to subsequent requests

medium
5.3
First published (updated )
CVE-2023-42795

CVE-2023-42794: Apache Tomcat: FileUpload: DoS due to accumulation of temporary files on Windows

First published (updated )
https://seclists.org/oss-sec/2023/q4/77

redhat/tomcatApache Tomcat: FileUpload: DoS due to accumulation of temporary files on Windows

high
7.5
First published (updated )
CVE-2023-42794

TomcatApache Tomcat: Open redirect with FORM authentication

medium
6.5
First published (updated )
CVE-2023-41080

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203