CVE-2009-3555 critical 9.8
10.0
17y ago
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9…
debian ubuntu fedora java +2
CVE-2026-43512 critical 9.8
9.8
15d ago
Apache Tomcat - Digest authenticator will authenticate any unknown user
suse debian java apache
CVE-2026-41293 critical 9.8
9.8
15d ago
Apache Tomcat - HTTP/2 request headers not validated
suse debian java apache
CVE-2025-55754 critical 9.6
9.6
9d ago
Apache Tomcat Vulnerable to Improper Neutralization of Escape, Meta, or Control Sequences
redhat suse debian java +1
CVE-2026-29145 critical —
9.5
2mo ago
Apache Tomcat: CLIENT_CERT authentication does not fail as expected
suse debian java
CVE-2026-43515 critical 9.1
9.1
15d ago
Apache Tomcat - Security constraints not correctly applied
suse debian java apache