Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-4342 |
|
Vulnerability in nginx (CVE-2026-4342)
vulnerability in nginx (CVE-2026-4342). Successful exploitation can lead to full system takeover.
|
| CVE-2026-29054 |
|
Vulnerability in traefik (CVE-2026-29054)
vulnerability in traefik (CVE-2026-29054). Data can be tampered with by attackers.
|
| CVE-2026-26999 |
|
Vulnerability in traefik (CVE-2026-26999)
vulnerability in traefik (CVE-2026-26999). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24734 |
|
Vulnerability in apache (CVE-2026-24734)
vulnerability in apache (CVE-2026-24734). Data can be tampered with by attackers.
|
| CVE-2026-25949 |
|
Vulnerability in dos (CVE-2026-25949)
vulnerability in dos (CVE-2026-25949). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.6.8` or later.
|
| CVE-2025-55752 |
|
Vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.0.109, 10.1.45, 11.0.11` or later.
|
| CVE-2025-48989 |
|
Vulnerability in org.apache.tomcat:tomcat-coyote (CVE-2025-48989)
vulnerability in org.apache.tomcat:tomcat-coyote (CVE-2025-48989). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.0.108` or later.
|
| CVE-2025-24813 KEV |
|
[KEV] Vulnerability in Apache tomcat (CVE-2025-24813)
vulnerability in Apache tomcat (CVE-2025-24813). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-44487 KEV |
|
[KEV] Vulnerability in Ietf golang.org/x/net (CVE-2023-44487)
vulnerability in Ietf golang.org/x/net (CVE-2023-44487). Risk of unauthorized operations or information disclosure. Exploitable via ``Channel``. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `0.17.0` or later.
|
| CVE-2016-8735 KEV |
|
[KEV] Vulnerability in Apache tomcat (CVE-2016-8735)
vulnerability in Apache tomcat (CVE-2016-8735). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-12615 KEV |
|
[KEV] Unrestricted File Upload in Apache tomcat (CVE-2017-12615)
vulnerability in Apache tomcat (CVE-2017-12615). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-12617 KEV |
|
[KEV] Unrestricted File Upload in Apache tomcat (CVE-2017-12617)
vulnerability in Apache tomcat (CVE-2017-12617). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-1938 KEV |
|
[KEV] Privilege Escalation in org.apache.tomcat.embed:tomcat-embed-core (CVE-2020-1938)
vulnerability in org.apache.tomcat.embed:tomcat-embed-core (CVE-2020-1938). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `7.0.100` or later.
|
| CVE-2020-29238 |
|
Vulnerability in nginx (CVE-2020-29238)
vulnerability in nginx (CVE-2020-29238). Confidential information can be exposed externally.
|
| CVE-2017-12616 |
|
Information Disclosure in apache (CVE-2017-12616)
vulnerability in apache (CVE-2017-12616). Confidential information can be exposed externally.
|
| CVE-2017-14105 |
|
Vulnerability in tomcat (CVE-2017-14105)
vulnerability in tomcat (CVE-2017-14105). Successful exploitation can lead to full system takeover.
|
| CVE-2016-6796 |
|
Vulnerability in apache (CVE-2016-6796)
vulnerability in apache (CVE-2016-6796). Data can be tampered with by attackers.
|
| CVE-2017-7675 |
|
Path Traversal in apache (CVE-2017-7675)
path traversal in apache (CVE-2017-7675). Confidential information can be exposed externally.
|
| CVE-2016-6817 |
|
Buffer Overflow in apache (CVE-2016-6817)
vulnerability in apache (CVE-2016-6817). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-6797 |
|
Authorization Flaw in apache (CVE-2016-6797)
vulnerability in apache (CVE-2016-6797). Confidential information can be exposed externally.
|
| CVE-2016-8745 |
|
Vulnerability in apache (CVE-2016-8745)
vulnerability in apache (CVE-2016-8745). Confidential information can be exposed externally.
|
| CVE-2017-7683 |
|
Information Disclosure in apache (CVE-2017-7683)
vulnerability in apache (CVE-2017-7683). Confidential information can be exposed externally.
|
| CVE-2017-7529 |
|
Vulnerability in nginx (CVE-2017-7529)
vulnerability in nginx (CVE-2017-7529). Confidential information can be exposed externally.
|
| CVE-2017-6712 |
|
OS Command Injection in tomcat (CVE-2017-6712)
OS command injection in tomcat (CVE-2017-6712). Successful exploitation can lead to full system takeover.
|
| CVE-2017-6683 |
|
OS Command Injection in tomcat (CVE-2017-6683)
OS command injection in tomcat (CVE-2017-6683). Successful exploitation can lead to full system takeover.
|
| CVE-2017-6682 |
|
OS Command Injection in tomcat (CVE-2017-6682)
OS command injection in tomcat (CVE-2017-6682). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5664 |
|
Vulnerability in apache (CVE-2017-5664)
vulnerability in apache (CVE-2017-5664). Data can be tampered with by attackers.
|
| CVE-2016-10345 |
|
Vulnerability in nginx (CVE-2016-10345)
vulnerability in nginx (CVE-2016-10345). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5650 |
|
Vulnerability in apache (CVE-2017-5650)
vulnerability in apache (CVE-2017-5650). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-5647 |
|
Information Disclosure in c (CVE-2017-5647)
vulnerability in c (CVE-2017-5647). Confidential information can be exposed externally.
|
| CVE-2016-9775 |
|
Vulnerability in tomcat (CVE-2016-9775)
vulnerability in tomcat (CVE-2016-9775). Successful exploitation can lead to full system takeover.
|
| CVE-2016-9774 |
|
Vulnerability in tomcat (CVE-2016-9774)
vulnerability in tomcat (CVE-2016-9774). Successful exploitation can lead to full system takeover.
|
| CVE-2016-6816 |
|
Vulnerability in apache (CVE-2016-6816)
vulnerability in apache (CVE-2016-6816). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-6056 |
|
Vulnerability in apache (CVE-2017-6056)
vulnerability in apache (CVE-2017-6056). Risk of unauthorized operations or information disclosure.
|