Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
apache tomcat 6.0.35 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-0033
org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat 6.0.33 through 6.0.37 does not consider the disableURLRewriting setting when handling a session ID in a URL, which allows remote attackers to conduct session fixation attacks via a crafted URL....
Apache Tomcat 6.0.37
Apache Tomcat 6.0.35
Apache Tomcat 6.0.36
Apache Tomcat 6.0.33
Apache Tomcat 6.0.34
NA
CVE-2013-2067
java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote...
Apache Tomcat 6.0.29
Apache Tomcat 6.0.30
Apache Tomcat 6.0.21
Apache Tomcat 6.0.31
Apache Tomcat 6.0.32
Apache Tomcat 6.0.24
Apache Tomcat 6.0.26
Apache Tomcat 6.0.33
Apache Tomcat 6.0.35
Apache Tomcat 6.0.27
Apache Tomcat 6.0.28
Apache Tomcat 6.0.36
Apache Tomcat 7.0.0
Apache Tomcat 7.0.13
Apache Tomcat 7.0.15
Apache Tomcat 7.0.23
Apache Tomcat 7.0.11
Apache Tomcat 7.0.2
Apache Tomcat 7.0.16
Apache Tomcat 7.0.7
Apache Tomcat 7.0.19
Apache Tomcat 7.0.5
Apache Tomcat 7.0.6
Apache Tomcat 7.0.1
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
Apache Tomcat 7.0.22
Apache Tomcat 7.0.9
Apache Tomcat 7.0.21
Apache Tomcat 7.0.32
Apache Tomcat 7.0.20
Apache Tomcat 7.0.17
Apache Tomcat 7.0.28
Apache Tomcat 7.0.12
Apache Tomcat 7.0.8
Apache Tomcat 7.0.18
Apache Tomcat 7.0.30
Apache Tomcat 7.0.14
Apache Tomcat 7.0.10
Apache Tomcat 7.0.25
NA
CVE-2012-3546
org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote attackers to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_check at...
Apache Tomcat 6.0
Apache Tomcat 6.0.14
Apache Tomcat 6.0.29
Apache Tomcat 6.0.33
Apache Tomcat 6.0.18
Apache Tomcat 6.0.1
Apache Tomcat 6.0.32
Apache Tomcat 6.0.9
Apache Tomcat 6.0.8
Apache Tomcat 6.0.2
Apache Tomcat 6.0.4
Apache Tomcat 6.0.27
Apache Tomcat 6.0.3
Apache Tomcat 6.0.12
Apache Tomcat 6.0.11
Apache Tomcat 6.0.6
Apache Tomcat 6.0.7
Apache Tomcat 6.0.28
Apache Tomcat 6.0.0
Apache Tomcat 6.0.5
Apache Tomcat 6.0.24
Apache Tomcat 6.0.31
Apache Tomcat 6.0.13
Apache Tomcat 6.0.19
Apache Tomcat 6.0.16
Apache Tomcat 6.0.15
Apache Tomcat 6.0.30
Apache Tomcat 6.0.35
Apache Tomcat 6.0.17
Apache Tomcat 6.0.26
Apache Tomcat 6.0.10
Apache Tomcat 6.0.20
Apache Tomcat 7.0.5
Apache Tomcat 7.0.6
Apache Tomcat 7.0.17
Apache Tomcat 7.0.14
Apache Tomcat 7.0.3
Apache Tomcat 7.0.28
Apache Tomcat 7.0.22
Apache Tomcat 7.0.9
Apache Tomcat 7.0.13
Apache Tomcat 7.0.2
Apache Tomcat 7.0.1
Apache Tomcat 7.0.20
Apache Tomcat 7.0.4
Apache Tomcat 7.0.0
Apache Tomcat 7.0.7
Apache Tomcat 7.0.19
Apache Tomcat 7.0.15
Apache Tomcat 7.0.23
Apache Tomcat 7.0.25
Apache Tomcat 7.0.16
Apache Tomcat 7.0.21
Apache Tomcat 7.0.18
Apache Tomcat 7.0.10
Apache Tomcat 7.0.11
Apache Tomcat 7.0.12
Apache Tomcat 7.0.8
NA
CVE-2012-2733
java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a...
Apache Tomcat 6.0.6
Apache Tomcat 6.0.7
Apache Tomcat 6.0.17
Apache Tomcat 6.0.0
Apache Tomcat 6.0.2
Apache Tomcat 6.0.26
Apache Tomcat 6.0.10
Apache Tomcat 6.0.20
Apache Tomcat 6.0
Apache Tomcat 6.0.14
Apache Tomcat 6.0.29
Apache Tomcat 6.0.1
Apache Tomcat 6.0.27
Apache Tomcat 6.0.3
Apache Tomcat 6.0.12
Apache Tomcat 6.0.11
Apache Tomcat 6.0.9
Apache Tomcat 6.0.8
Apache Tomcat 6.0.33
Apache Tomcat 6.0.4
Apache Tomcat 6.0.18
Apache Tomcat 6.0.32
Apache Tomcat 6.0.13
Apache Tomcat 6.0.19
Apache Tomcat 6.0.16
Apache Tomcat 6.0.15
Apache Tomcat 6.0.30
Apache Tomcat 6.0.28
Apache Tomcat 6.0.5
Apache Tomcat 6.0.24
Apache Tomcat 6.0.31
Apache Tomcat 6.0.35
Apache Tomcat 7.0.6
Apache Tomcat 7.0.21
Apache Tomcat 7.0.18
Apache Tomcat 7.0.14
Apache Tomcat 7.0.10
Apache Tomcat 7.0.12
Apache Tomcat 7.0.4
Apache Tomcat 7.0.8
Apache Tomcat 7.0.13
Apache Tomcat 7.0.5
Apache Tomcat 7.0.20
Apache Tomcat 7.0.17
Apache Tomcat 7.0.0
Apache Tomcat 7.0.3
Apache Tomcat 7.0.22
Apache Tomcat 7.0.9
Apache Tomcat 7.0.15
Apache Tomcat 7.0.23
Apache Tomcat 7.0.11
Apache Tomcat 7.0.2
Apache Tomcat 7.0.25
Apache Tomcat 7.0.16
Apache Tomcat 7.0.1
Apache Tomcat 7.0.7
Apache Tomcat 7.0.19
NA
CVE-2012-4431
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier....
Apache Tomcat 6.0.15
Apache Tomcat 6.0.8
Apache Tomcat 6.0.9
Apache Tomcat 6.0.4
Apache Tomcat 6.0.28
Apache Tomcat 6.0.1
Apache Tomcat 6.0.0
Apache Tomcat 6.0.32
Apache Tomcat 6.0.13
Apache Tomcat 6.0.24
Apache Tomcat 6.0.16
Apache Tomcat 6.0.14
Apache Tomcat 6.0.6
Apache Tomcat 6.0.29
Apache Tomcat 6.0.7
Apache Tomcat 6.0.17
Apache Tomcat 6.0.27
Apache Tomcat 6.0.3
Apache Tomcat 6.0.11
Apache Tomcat 6.0.10
Apache Tomcat 6.0.30
Apache Tomcat 6.0
Apache Tomcat 6.0.35
Apache Tomcat 6.0.2
Apache Tomcat 6.0.5
Apache Tomcat 6.0.31
Apache Tomcat 6.0.12
Apache Tomcat 6.0.33
Apache Tomcat 6.0.18
Apache Tomcat 6.0.26
Apache Tomcat 6.0.20
Apache Tomcat 6.0.19
Apache Tomcat 7.0.23
Apache Tomcat 7.0.2
Apache Tomcat 7.0.6
Apache Tomcat 7.0.21
Apache Tomcat 7.0.17
Apache Tomcat 7.0.14
Apache Tomcat 7.0.28
Apache Tomcat 7.0.12
Apache Tomcat 7.0.9
Apache Tomcat 7.0.8
Apache Tomcat 7.0.13
Apache Tomcat 7.0.5
Apache Tomcat 7.0.1
Apache Tomcat 7.0.20
Apache Tomcat 7.0.0
Apache Tomcat 7.0.3
Apache Tomcat 7.0.19
Apache Tomcat 7.0.22
Apache Tomcat 7.0.4
Apache Tomcat 7.0.16
Apache Tomcat 7.0.7
Apache Tomcat 7.0.18
Apache Tomcat 7.0.15
Apache Tomcat 7.0.10
Apache Tomcat 7.0.11
Apache Tomcat 7.0.25
Apache Tomcat 7.0.30
NA
CVE-2012-3544
Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data....
Apache Tomcat 6.0.14
Apache Tomcat 6.0.36
Apache Tomcat 6.0.35
Apache Tomcat 6.0.7
Apache Tomcat 6.0.2
Apache Tomcat 6.0.4
Apache Tomcat 6.0.27
Apache Tomcat 6.0.31
Apache Tomcat 6.0.12
Apache Tomcat 6.0.6
Apache Tomcat 6.0.29
Apache Tomcat 6.0.1
Apache Tomcat 6.0.15
Apache Tomcat 6.0.30
Apache Tomcat 6.0
Apache Tomcat 6.0.9
Apache Tomcat 6.0.8
Apache Tomcat 6.0.28
Apache Tomcat 6.0.0
Apache Tomcat 6.0.5
Apache Tomcat 6.0.13
Apache Tomcat 6.0.24
Apache Tomcat 6.0.16
Apache Tomcat 6.0.33
Apache Tomcat 6.0.17
Apache Tomcat 6.0.18
Apache Tomcat 6.0.26
Apache Tomcat 6.0.32
Apache Tomcat 6.0.20
Apache Tomcat 6.0.19
Apache Tomcat 6.0.3
Apache Tomcat 6.0.11
Apache Tomcat 6.0.10
Apache Tomcat 7.0.13
Apache Tomcat 7.0.5
Apache Tomcat 7.0.20
Apache Tomcat 7.0.17
Apache Tomcat 7.0.0
Apache Tomcat 7.0.3
Apache Tomcat 7.0.19
Apache Tomcat 7.0.22
Apache Tomcat 7.0.2
Apache Tomcat 7.0.1
Apache Tomcat 7.0.4
Apache Tomcat 7.0.16
Apache Tomcat 7.0.7
Apache Tomcat 7.0.18
Apache Tomcat 7.0.15
Apache Tomcat 7.0.23
Apache Tomcat 7.0.11
Apache Tomcat 7.0.25
Apache Tomcat 7.0.6
Apache Tomcat 7.0.21
Apache Tomcat 7.0.14
Apache Tomcat 7.0.10
Apache Tomcat 7.0.28
Apache Tomcat 7.0.12
Apache Tomcat 7.0.9
Apache Tomcat 7.0.8
NA
CVE-2012-4534
org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during...
Apache Tomcat 6.0.15
Apache Tomcat 6.0.8
Apache Tomcat 6.0.9
Apache Tomcat 6.0.33
Apache Tomcat 6.0.14
Apache Tomcat 6.0.6
Apache Tomcat 6.0.7
Apache Tomcat 6.0.29
Apache Tomcat 6.0.2
Apache Tomcat 6.0.1
Apache Tomcat 6.0.27
Apache Tomcat 6.0.3
Apache Tomcat 6.0.12
Apache Tomcat 6.0.11
Apache Tomcat 6.0.4
Apache Tomcat 6.0.0
Apache Tomcat 6.0.32
Apache Tomcat 6.0.13
Apache Tomcat 6.0.19
Apache Tomcat 6.0.16
Apache Tomcat 6.0.17
Apache Tomcat 6.0.18
Apache Tomcat 6.0.26
Apache Tomcat 6.0.10
Apache Tomcat 6.0.20
Apache Tomcat 6.0.30
Apache Tomcat 6.0
Apache Tomcat 6.0.35
Apache Tomcat 6.0.28
Apache Tomcat 6.0.5
Apache Tomcat 6.0.24
Apache Tomcat 6.0.31
Apache Tomcat 7.0.5
Apache Tomcat 7.0.6
Apache Tomcat 7.0.21
Apache Tomcat 7.0.17
Apache Tomcat 7.0.14
Apache Tomcat 7.0.3
Apache Tomcat 7.0.12
Apache Tomcat 7.0.8
Apache Tomcat 7.0.23
Apache Tomcat 7.0.2
Apache Tomcat 7.0.0
Apache Tomcat 7.0.16
Apache Tomcat 7.0.7
Apache Tomcat 7.0.18
Apache Tomcat 7.0.15
Apache Tomcat 7.0.10
Apache Tomcat 7.0.11
Apache Tomcat 7.0.4
Apache Tomcat 7.0.25
Apache Tomcat 7.0.13
Apache Tomcat 7.0.1
Apache Tomcat 7.0.20
Apache Tomcat 7.0.19
Apache Tomcat 7.0.22
Apache Tomcat 7.0.9
NA
CVE-2011-4858
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many...
Apache Tomcat 6.0.33
Apache Tomcat 6.0.34
Apache Tomcat 6.0.26
Apache Tomcat 6.0.25
Apache Tomcat 6.0.30
Apache Tomcat 6.0.29
Apache Tomcat 6.0.21
Apache Tomcat 6.0.20
Apache Tomcat 6.0.13
Apache Tomcat 6.0.12
Apache Tomcat 6.0.5
Apache Tomcat 6.0.4
Apache Tomcat 7.0.19
Apache Tomcat 7.0.18
Apache Tomcat 7.0.11
Apache Tomcat 7.0.10
Apache Tomcat 7.0.3
Apache Tomcat 7.0.2
Apache Tomcat 5.5.35
Apache Tomcat 6.0.28
Apache Tomcat 6.0.27
Apache Tomcat 6.0.19
Apache Tomcat 6.0.18
Apache Tomcat 6.0.11
Apache Tomcat 6.0.10
Apache Tomcat 6.0.3
Apache Tomcat 6.0.2
Apache Tomcat 7.0.17
Apache Tomcat 7.0.16
Apache Tomcat 7.0.9
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.0
Apache Tomcat 6.0.17
Apache Tomcat 6.0.16
Apache Tomcat 6.0.9
Apache Tomcat 6.0.8
Apache Tomcat 6.0.1
Apache Tomcat 6.0.0
Apache Tomcat 7.0.15
Apache Tomcat 7.0.14
Apache Tomcat 7.0.7
Apache Tomcat 7.0.6
Apache Tomcat 6.0.32
Apache Tomcat 6.0.31
Apache Tomcat 6.0.24
Apache Tomcat 6.0.23
Apache Tomcat 6.0.22
Apache Tomcat 6.0.15
Apache Tomcat 6.0.14
Apache Tomcat 6.0.7
Apache Tomcat 6.0.6
Apache Tomcat 7.0.22
Apache Tomcat 7.0.21
Apache Tomcat 7.0.20
Apache Tomcat 7.0.13
Apache Tomcat 7.0.12
Apache Tomcat 7.0.5
Apache Tomcat 7.0.4
1 EDB exploit available
1 Metasploit module available
NA
CVE-2012-5885
The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count)...
Apache Tomcat 5.5.0
Apache Tomcat 5.5.25
Apache Tomcat 5.5.33
Apache Tomcat 5.5.7
Apache Tomcat 5.5.18
Apache Tomcat 5.5.15
Apache Tomcat 5.5.3
Apache Tomcat 5.5.22
Apache Tomcat 5.5.2
Apache Tomcat 5.5.35
Apache Tomcat 5.5.30
Apache Tomcat 5.5.9
Apache Tomcat 5.5.8
Apache Tomcat 5.5.29
Apache Tomcat 5.5.31
Apache Tomcat 5.5.17
Apache Tomcat 5.5.12
Apache Tomcat 5.5.24
Apache Tomcat 5.5.21
Apache Tomcat 5.5.19
Apache Tomcat 5.5.10
Apache Tomcat 5.5.1
Apache Tomcat 5.5.34
Apache Tomcat 5.5.6
Apache Tomcat 5.5.16
Apache Tomcat 5.5.13
Apache Tomcat 5.5.23
Apache Tomcat 5.5.26
Apache Tomcat 5.5.28
Apache Tomcat 5.5.27
Apache Tomcat 5.5.5
Apache Tomcat 5.5.4
Apache Tomcat 5.5.14
Apache Tomcat 5.5.11
Apache Tomcat 5.5.32
Apache Tomcat 5.5.20
Apache Tomcat 6.0.9
Apache Tomcat 6.0.8
Apache Tomcat 6.0.33
Apache Tomcat 6.0.4
Apache Tomcat 6.0.18
Apache Tomcat 6.0.1
Apache Tomcat 6.0.32
Apache Tomcat 6.0.24
Apache Tomcat 6.0.19
Apache Tomcat 6.0.16
Apache Tomcat 6.0.6
Apache Tomcat 6.0.7
Apache Tomcat 6.0.17
Apache Tomcat 6.0.0
Apache Tomcat 6.0.26
Apache Tomcat 6.0.2
Apache Tomcat 6.0.10
Apache Tomcat 6.0.20
Apache Tomcat 6.0.15
Apache Tomcat 6.0.28
Apache Tomcat 6.0.5
Apache Tomcat 6.0.13
Apache Tomcat 6.0.31
Apache Tomcat 6.0.35
Apache Tomcat 6.0.30
Apache Tomcat 6.0
Apache Tomcat 6.0.14
Apache Tomcat 6.0.29
Apache Tomcat 6.0.27
Apache Tomcat 6.0.3
Apache Tomcat 6.0.12
Apache Tomcat 6.0.11
Apache Tomcat 7.0.18
Apache Tomcat 7.0.15
Apache Tomcat 7.0.11
Apache Tomcat 7.0.2
Apache Tomcat 7.0.25
Apache Tomcat 7.0.16
Apache Tomcat 7.0.6
Apache Tomcat 7.0.21
Apache Tomcat 7.0.14
Apache Tomcat 7.0.10
Apache Tomcat 7.0.12
Apache Tomcat 7.0.4
Apache Tomcat 7.0.8
Apache Tomcat 7.0.28
Apache Tomcat 7.0.23
Apache Tomcat 7.0.1
Apache Tomcat 7.0.0
Apache Tomcat 7.0.7
Apache Tomcat 7.0.19
Apache Tomcat 7.0.13
Apache Tomcat 7.0.5
Apache Tomcat 7.0.20
Apache Tomcat 7.0.17
Apache Tomcat 7.0.3
Apache Tomcat 7.0.22
Apache Tomcat 7.0.9
NA
CVE-2014-0096
java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read...
Apache Tomcat 7.0.52
Apache Tomcat 7.0.14
Apache Tomcat 7.0.15
Apache Tomcat 7.0.20
Apache Tomcat 7.0.21
Apache Tomcat 7.0.28
Apache Tomcat 7.0.29
Apache Tomcat 7.0.36
Apache Tomcat 7.0.37
Apache Tomcat 7.0.42
Apache Tomcat 7.0.43
Apache Tomcat 7.0.5
Apache Tomcat 7.0.50
Apache Tomcat 7.0.0
Apache Tomcat 7.0.16
Apache Tomcat 7.0.17
Apache Tomcat 7.0.22
Apache Tomcat 7.0.23
Apache Tomcat 7.0.3
Apache Tomcat 7.0.30
Apache Tomcat 7.0.38
Apache Tomcat 7.0.39
Apache Tomcat 7.0.44
Apache Tomcat 7.0.45
Apache Tomcat 7.0.6
Apache Tomcat 7.0.7
Apache Tomcat 7.0.11
Apache Tomcat 7.0.12
Apache Tomcat 7.0.13
Apache Tomcat 7.0.2
Apache Tomcat 7.0.26
Apache Tomcat 7.0.27
Apache Tomcat 7.0.33
Apache Tomcat 7.0.34
Apache Tomcat 7.0.35
Apache Tomcat 7.0.40
Apache Tomcat 7.0.41
Apache Tomcat 7.0.48
Apache Tomcat 7.0.49
Apache Tomcat 7.0.1
Apache Tomcat 7.0.10
Apache Tomcat 7.0.18
Apache Tomcat 7.0.19
Apache Tomcat 7.0.24
Apache Tomcat 7.0.25
Apache Tomcat 7.0.31
Apache Tomcat 7.0.32
Apache Tomcat 7.0.4
Apache Tomcat 7.0.46
Apache Tomcat 7.0.47
Apache Tomcat 7.0.8
Apache Tomcat 7.0.9
Apache Tomcat 8.0.0
Apache Tomcat 8.0.1
Apache Tomcat 8.0.3
Apache Tomcat 6.0.0
Apache Tomcat 6.0.14
Apache Tomcat 6.0.15
Apache Tomcat 6.0.20
Apache Tomcat 6.0.24
Apache Tomcat 6.0.31
Apache Tomcat 6.0.32
Apache Tomcat 6.0.5
Apache Tomcat 6.0.6
Apache Tomcat 6.0.9
Apache Tomcat 6.0.1
Apache Tomcat 6.0.16
Apache Tomcat 6.0.17
Apache Tomcat 6.0.18
Apache Tomcat 6.0.26
Apache Tomcat 6.0.27
Apache Tomcat 6.0.33
Apache Tomcat 6.0.35
Apache Tomcat 6.0.7
Apache Tomcat 6
Apache Tomcat 6.0
Apache Tomcat 6.0.12
Apache Tomcat 6.0.13
Apache Tomcat 6.0.2
Apache Tomcat 6.0.3
Apache Tomcat 6.0.30
Apache Tomcat 6.0.4
Apache Tomcat 6.0.8
Apache Tomcat
Apache Tomcat 6.0.10
Apache Tomcat 6.0.11
Apache Tomcat 6.0.19
Apache Tomcat 6.0.28
Apache Tomcat 6.0.29
Apache Tomcat 6.0.36
Apache Tomcat 6.0.37
3 Articles available
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-31805
dos
CVE-2022-26727
CVE-2022-26712
CVE-2022-1529
CVE-2022-20807
template injection
CVE-2022-26690
cross-site scripting
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »