The Apache Software Foundation has issued a security advisory for a newly discovered vulnerability in Apache Tomcat that could allow attackers to execute a denial-of-service (DoS) attack. Identified as CVE-2024-38286,...
The persistent cyber threat known as Kinsing malware has taken a new and sophisticated approach to its cryptojacking campaign. Tenable Research recently uncovered that the malware is now targeting cloud...
Security researchers have disclosed two vulnerabilities (CVE-2024-23672 and CVE-2024-24549) in popular Apache Tomcat web server software. Organizations relying on Tomcat must prioritize updates to mitigate denial of service (DoS) attacks...
A vulnerability, known as CVE-2023-46589, has emerged within the Apache Tomcat, a widely used Java web application server. This vulnerability, classified as ‘Important’, stems from improper input validation, allowing malicious...
Apache Tomcat, the stalwart of the open-source Java community, offers a pure Java HTTP web server environment. Synonymous with efficiency, it serves as the backbone for prominent web applications like...
CVE-2023-34981, an information disclosure vulnerability recently exposed in Apache Tomcat. Brought to light by Hidenobu Hayashi and Yuichiro Fukubayashi of M3, Inc., this vulnerability poses a significant threat, earning itself...
As technology advances, so do the tactics of cybercriminals who are constantly on the lookout for vulnerabilities in software to exploit. Apache Tomcat, a popular Java web application server, is...
Apache Commons and Tomcat developers are urging users to update a file upload library due to the existence of a vulnerability that can be exploited for denial-of-service (DoS) attacks. The team...
Tomcat released the latest security bulletin on September 28, which contains an information disclosure vulnerability. Tracked as CVE-2021-43980, the severity is high. The security researcher Adam Thomas, Richard Hernandez, and...
CVE-2018-1305 Security constraint annotations applied too late Severity: High Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.4 Apache Tomcat 8.5.0 to 8.5.27 Apache Tomcat 8.0.0.RC1 to...
CVE-2017-12617 CVE-2017-12617 critical Remote Code Execution (RCE) vulnerability discovered in Apache Tomcat affect systems with HTTP PUTs enabled (via setting the “read-only” initialization parameter of the Default servlet to “false”)...
Web Exploitation / WebApp PenTest
by do son · Published September 20, 2017 · Last modified October 10, 2021
CVE-2017-7674 Apache Tomcat Remote Code Execution via JSP Upload Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 7.0.0 to 7.0.79 Description: When running on Windows with HTTP...
Support Securityonline.info site. Thanks!
