Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
apache tomcat 7.0.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-1088
Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application....
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.7
Apache Tomcat 7.0.9
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
NA
CVE-2011-1475
The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a...
Apache Tomcat 7.0.10
Apache Tomcat 7.0.11
Apache Tomcat 7.0.5
Apache Tomcat 7.0.1
Apache Tomcat 7.0.7
Apache Tomcat 7.0.6
Apache Tomcat 7.0.0
Apache Tomcat 7.0.9
Apache Tomcat 7.0.8
Apache Tomcat 7.0.3
Apache Tomcat 7.0.2
Apache Tomcat 7.0.4
2 Github repositories available
NA
CVE-2011-2481
Apache Tomcat 7.0.x before 7.0.17 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is...
Apache Tomcat 7.0.12
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.14
Apache Tomcat 7.0.11
Apache Tomcat 7.0.7
Apache Tomcat 7.0.13
Apache Tomcat 7.0.10
Apache Tomcat 7.0.9
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
NA
CVE-2011-1419
Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application. NOTE: this vulnerability exists because of an...
Apache Tomcat 7.0.4
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.1
Apache Tomcat 7.0.8
Apache Tomcat 7.0.9
Apache Tomcat 7.0.5
Apache Tomcat 7.0.3
Apache Tomcat 7.0.7
Apache Tomcat 7.0.2
Apache Tomcat 7.0.10
NA
CVE-2010-4172
Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to sessionsList.jsp, or...
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 6.0.15
Apache Tomcat 7.0.0
Apache Tomcat 6.0.20
Apache Tomcat 6.0.29
Apache Tomcat 6.0.24
Apache Tomcat 6.0.17
Apache Tomcat 6.0.28
Apache Tomcat 6.0.14
Apache Tomcat 6.0.12
Apache Tomcat 6.0.18
Apache Tomcat 6.0.13
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
Apache Tomcat 6.0.26
Apache Tomcat 6.0.19
Apache Tomcat 6.0.27
Apache Tomcat 6.0.16
1 EDB exploit available
NA
CVE-2011-3376
org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager...
Apache Tomcat 7.0.0
Apache Tomcat 7.0.7
Apache Tomcat 7.0.8
Apache Tomcat 7.0.17
Apache Tomcat 7.0.15
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.9
Apache Tomcat 7.0.10
Apache Tomcat 7.0.11
Apache Tomcat 7.0.18
Apache Tomcat 7.0.19
Apache Tomcat 7.0.5
Apache Tomcat 7.0.6
Apache Tomcat 7.0.14
Apache Tomcat 7.0.16
Apache Tomcat 7.0.3
Apache Tomcat 7.0.4
Apache Tomcat 7.0.12
Apache Tomcat 7.0.13
Apache Tomcat 7.0.20
Apache Tomcat 7.0.21
NA
CVE-2011-2729
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read...
Apache Tomcat 5.5.32
Apache Tomcat 5.5.33
Apache Tomcat 6.0.30
Apache Tomcat 6.0.31
Apache Tomcat 6.0.32
Apache Apache Commons Daemon 1.0.3
Apache Apache Commons Daemon 1.0.4
Apache Apache Commons Daemon 1.0.5
Apache Apache Commons Daemon 1.0.6
Apache Tomcat 7.0.0
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.3
Apache Tomcat 7.0.4
Apache Tomcat 7.0.5
Apache Tomcat 7.0.6
Apache Tomcat 7.0.7
Apache Tomcat 7.0.8
Apache Tomcat 7.0.9
Apache Tomcat 7.0.10
Apache Tomcat 7.0.11
Apache Tomcat 7.0.12
Apache Tomcat 7.0.13
Apache Tomcat 7.0.14
Apache Tomcat 7.0.16
Apache Tomcat 7.0.17
Apache Tomcat 7.0.19
NA
CVE-2011-3375
Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic...
Apache Tomcat 6.0.33
Apache Tomcat 6.0.30
Apache Tomcat 6.0.31
Apache Tomcat 6.0.32
Apache Tomcat 7.0.15
Apache Tomcat 7.0.14
Apache Tomcat 7.0.6
Apache Tomcat 7.0.5
Apache Tomcat 7.0.21
Apache Tomcat 7.0.20
Apache Tomcat 7.0.13
Apache Tomcat 7.0.12
Apache Tomcat 7.0.11
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
Apache Tomcat 7.0.19
Apache Tomcat 7.0.18
Apache Tomcat 7.0.10
Apache Tomcat 7.0.9
Apache Tomcat 7.0.2
Apache Tomcat 7.0.1
Apache Tomcat 7.0.17
Apache Tomcat 7.0.16
Apache Tomcat 7.0.8
Apache Tomcat 7.0.7
Apache Tomcat 7.0.0
NA
CVE-2013-2071
java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for...
Apache Tomcat 7.0.15
Apache Tomcat 7.0.30
Apache Tomcat 7.0.23
Apache Tomcat 7.0.11
Apache Tomcat 7.0.0
Apache Tomcat 7.0.4
Apache Tomcat 7.0.25
Apache Tomcat 7.0.13
Apache Tomcat 7.0.2
Apache Tomcat 7.0.1
Apache Tomcat 7.0.16
Apache Tomcat 7.0.7
Apache Tomcat 7.0.5
Apache Tomcat 7.0.6
Apache Tomcat 7.0.20
Apache Tomcat 7.0.17
Apache Tomcat 7.0.3
Apache Tomcat 7.0.19
Apache Tomcat 7.0.22
Apache Tomcat 7.0.21
Apache Tomcat 7.0.18
Apache Tomcat 7.0.14
Apache Tomcat 7.0.10
Apache Tomcat 7.0.28
Apache Tomcat 7.0.12
Apache Tomcat 7.0.9
Apache Tomcat 7.0.8
Apache Tomcat 7.0.32
NA
CVE-2011-0534
Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request....
Apache Tomcat 7.0.0
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.3
Apache Tomcat 7.0.6
Apache Tomcat 7.0.4
Apache Tomcat 7.0.5
Apache Tomcat 6.0.15
Apache Tomcat 6.0.14
Apache Tomcat 6.0.17
Apache Tomcat 6.0.18
Apache Tomcat 6.0.26
Apache Tomcat 6.0.13
Apache Tomcat 6.0.16
Apache Tomcat 6.0.30
Apache Tomcat 6.0.6
Apache Tomcat 6.0.7
Apache Tomcat 6.0.1
Apache Tomcat 6.0.0
Apache Tomcat 6.0.5
Apache Tomcat 6.0.24
Apache Tomcat 6.0.12
Apache Tomcat 6.0.29
Apache Tomcat 6.0.28
Apache Tomcat 6.0.3
Apache Tomcat 6.0.2
Apache Tomcat 6.0.20
Apache Tomcat 6.0.19
Apache Tomcat 6.0.8
Apache Tomcat 6.0.9
Apache Tomcat 6.0.27
Apache Tomcat 6.0.4
Apache Tomcat 6.0.11
Apache Tomcat 6.0.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
insecure direct object reference
CVE-2023-30736
CVE-2023-39647
CVE-2023-42793
inject
CVE-2023-20101
CVE-2023-4497
XXE
CVE-2023-5217
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »