Filter
-Infinity
0

Trending

Last week
Last month
Last year

🚨 New vulnerability in Apache Tomcat (CVE-2025-24813) 🚨

First published (updated )
Social
reddit

More detailed analysis of Apache Tomcat CVE-2025-24813

First published (updated )
Social
reddit

BleepingComputerThe 4 WordPress flaws hackers targeted the most in Q1 2025

Exploited
First published (updated )
News
BleepingComputer

The Register'Dead simple' RCE exploit in Apache Tomcat under attack

Exploited
First published (updated )
News
The Register

BleepingComputerCritical RCE flaw in Apache Tomcat actively exploited in attacks

Exploited
Zeroday
First published (updated )
News
BleepingComputer

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Analysis of CVE-2025-24813 Apache Tomcat Path Equivalence RCE

First published (updated )
Social
reddit

TomcatPath Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Informatio…

medium
4
First published (updated )
REDHAT-BUG-2351129

CVE-2025-24813: Apache Tomcat: Potential RCE and/or information disclosuand/or information corruption with partial PUT

First published (updated )
https://seclists.org/oss-sec/2025/q1/197

maven/org.apache.tomcat.embed:tomcat-embed-coreApache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT

critical
9.8
Exploited
Zeroday
EPSS
0.04%
Trending
3 Months
First published (updated )
CVE-2025-24813

CVE-2024-56337: Apache Tomcat: RCE due to TOCTOU issue in JSP compilation - CVE-2024-50379 mitigation was incomplete

First published (updated )
https://seclists.org/oss-sec/2024/q4/164

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

CVE-2024-50379: Apache Tomcat: RCE due to TOCTOU issue in JSP compilation

First published (updated )
https://seclists.org/oss-sec/2024/q4/161

CVE-2024-54677: Apache Tomcat: DoS in examples web application

First published (updated )
https://seclists.org/oss-sec/2024/q4/160

CVE-2024-54677: Apache Tomcat: DoS in examples web application

First published (updated )
https://seclists.org/oss-sec/2024/q4/159

TomcatRace Condition

medium
4
First published (updated )
REDHAT-BUG-2332817

CVE-2024-54677: Apache Tomcat: DoS in examples web application

First published (updated )
https://seclists.org/oss-sec/2024/q4/158

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

CVE-2024-50379: Apache Tomcat: RCE due to TOCTOU issue in JSP compilation

First published (updated )
https://seclists.org/oss-sec/2024/q4/157

CVE-2024-52318: Apache Tomcat: Incorct JSP tag cycling leads to XSS

First published (updated )
https://seclists.org/oss-sec/2024/q4/105

CVE-2024-52317: Apache Tomcat: quest/sponse mix-up with HTTP/2

First published (updated )
https://seclists.org/oss-sec/2024/q4/104

CVE-2024-52316: Apache Tomcat: Authentication bypass when using Jakarta Authentication API

First published (updated )
https://seclists.org/oss-sec/2024/q4/103

Tomcattomcat packaging allows for escalation to root from tomcat user

high
7.8
First published (updated )
CVE-2024-22029

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

TomcatTomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryErro…

high
7
First published (updated )
REDHAT-BUG-2314686

TomcatApache Tomcat: Denial of Service

high
8.6
First published (updated )
CVE-2024-38286

CVE-2024-38286: Apache Tomcat: Denial of Service

First published (updated )
https://seclists.org/oss-sec/2024/q3/264

TomcatImproper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apac…

high
7
First published (updated )
REDHAT-BUG-2295651

CVE-2024-23672: Apache Tomcat: WebSocket DoS with incomplete closing handshake

First published (updated )
https://seclists.org/oss-sec/2024/q1/226

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

CVE-2024-24549: Apache Tomcat: HTTP/2 header handling DoS

First published (updated )
https://seclists.org/oss-sec/2024/q1/225

CVE-2024-21733: Apache Tomcat: Leaking of unrelated request bodies in default error page

First published (updated )
https://seclists.org/oss-sec/2024/q1/34

TomcatApache Tomcat: Leaking of unrelated request bodies in default error page

high
7.5
EPSS
0.69%
First published (updated )
CVE-2024-21733

CVE-2023-46589: Apache Tomcat: HTTP request smuggling via malformed trailer headers

First published (updated )
https://seclists.org/oss-sec/2023/q4/242

TomcatApache Tomcat: HTTP request smuggling via malformed trailer headers

high
7.5
First published (updated )
CVE-2023-46589

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
Š 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203