Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache tomcat 7.0.10 vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2011-1419
Apache Tomcat 7.x prior to 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote malicious users to bypass intended access restrictions via HTTP requests to a web application. NOTE: this vulnerability exists because of ...
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.7
Apache Tomcat 7.0.10
Apache Tomcat 7.0.9
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
5
CVSSv2
CVE-2011-1475
The HTTP BIO connector in Apache Tomcat 7.0.x prior to 7.0.12 does not properly handle HTTP pipelining, which allows remote malicious users to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to &q...
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.11
Apache Tomcat 7.0.7
Apache Tomcat 7.0.10
Apache Tomcat 7.0.9
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
2 Github repositories
4.6
CVSSv2
CVE-2011-2481
Apache Tomcat 7.0.x prior to 7.0.17 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loa...
Apache Tomcat 7.0.12
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.14
Apache Tomcat 7.0.11
Apache Tomcat 7.0.7
Apache Tomcat 7.0.13
Apache Tomcat 7.0.10
Apache Tomcat 7.0.9
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
4.4
CVSSv2
CVE-2011-3376
org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x prior to 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application...
Apache Tomcat 7.0.12
Apache Tomcat 7.0.20
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.18
Apache Tomcat 7.0.14
Apache Tomcat 7.0.11
Apache Tomcat 7.0.7
Apache Tomcat 7.0.13
Apache Tomcat 7.0.15
Apache Tomcat 7.0.19
Apache Tomcat 7.0.16
Apache Tomcat 7.0.10
Apache Tomcat 7.0.21
Apache Tomcat 7.0.17
Apache Tomcat 7.0.9
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
5
CVSSv2
CVE-2011-3375
Apache Tomcat 6.0.30 up to and including 6.0.33 and 7.x prior to 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote malicious users to obtain unintended read access to IP address and HTTP header information in ...
Apache Tomcat 6.0.33
Apache Tomcat 6.0.31
Apache Tomcat 6.0.32
Apache Tomcat 6.0.30
Apache Tomcat 7.0.12
Apache Tomcat 7.0.20
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.18
Apache Tomcat 7.0.14
Apache Tomcat 7.0.11
Apache Tomcat 7.0.7
Apache Tomcat 7.0.13
Apache Tomcat 7.0.15
Apache Tomcat 7.0.19
Apache Tomcat 7.0.16
Apache Tomcat 7.0.10
Apache Tomcat 7.0.21
5
CVSSv2
CVE-2011-2729
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 up to and including 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 up to and including 5.5.33, 6.0.30 up to and including 6.0.32, and 7.0.x prior to 7.0.20 on Linux, does not drop capabilities, which a...
Apache Tomcat 5.5.32
Apache Tomcat 5.5.33
Apache Tomcat 6.0.30
Apache Tomcat 6.0.31
Apache Tomcat 6.0.32
Apache Apache Commons Daemon 1.0.3
Apache Apache Commons Daemon 1.0.4
Apache Apache Commons Daemon 1.0.5
Apache Apache Commons Daemon 1.0.6
Apache Tomcat 7.0.0
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.3
Apache Tomcat 7.0.4
Apache Tomcat 7.0.5
Apache Tomcat 7.0.6
Apache Tomcat 7.0.7
Apache Tomcat 7.0.8
Apache Tomcat 7.0.9
Apache Tomcat 7.0.10
Apache Tomcat 7.0.11
Apache Tomcat 7.0.12
6.8
CVSSv2
CVE-2013-4444
Unrestricted file upload vulnerability in Apache Tomcat 7.x prior to 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote malicious users to execute arbitrary code by uploading and accessing a JSP file.
Apache Tomcat 7.0.2
Apache Tomcat 7.0.12
Apache Tomcat 7.0.20
Apache Tomcat 7.0.34
Apache Tomcat 7.0.1
Apache Tomcat 7.0.4
Apache Tomcat 7.0.22
Apache Tomcat 7.0.26
Apache Tomcat 7.0.28
Apache Tomcat 7.0.0
Apache Tomcat 7.0.18
Apache Tomcat 7.0.14
Apache Tomcat 7.0.11
Apache Tomcat 7.0.23
Apache Tomcat 7.0.37
Apache Tomcat 7.0.29
Apache Tomcat 7.0.13
Apache Tomcat 7.0.31
Apache Tomcat 7.0.30
Apache Tomcat 7.0.15
Apache Tomcat 7.0.19
Apache Tomcat 7.0.16
2.1
CVSSv2
CVE-2013-0346
Apache Tomcat 7.x uses world-readable permissions for the log directory and its files, which might allow local users to obtain sensitive information by reading a file. NOTE: One Tomcat distributor has stated "The tomcat log directory does not contain any sensitive informatio...
Apache Tomcat 7.0.2
Apache Tomcat 7.0.49
Apache Tomcat 7.0.12
Apache Tomcat 7.0.20
Apache Tomcat 7.0.34
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.5
Apache Tomcat 7.0.4
Apache Tomcat 7.0.22
Apache Tomcat 7.0.39
Apache Tomcat 7.0.26
Apache Tomcat 7.0.46
Apache Tomcat 7.0.28
Apache Tomcat 7.0.0
Apache Tomcat 7.0.50
Apache Tomcat 7.0.6
Apache Tomcat 7.0.18
Apache Tomcat 7.0.14
Apache Tomcat 7.0.48
Apache Tomcat 7.0.11
Apache Tomcat 7.0.23
5
CVSSv2
CVE-2011-4858
Apache Tomcat prior to 5.5.35, 6.x prior to 6.0.35, and 7.x prior to 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sendi...
Apache Tomcat 6.0.33
Apache Tomcat 7.0.12
Apache Tomcat 6.0.6
Apache Tomcat 7.0.20
Apache Tomcat 6.0.11
Apache Tomcat 6.0.34
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 6.0.22
Apache Tomcat 6.0.25
Apache Tomcat 6.0.7
Apache Tomcat 6.0.4
Apache Tomcat 7.0.22
Apache Tomcat 5.5.35
Apache Tomcat 6.0.15
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.18
Apache Tomcat 6.0.20
Apache Tomcat 7.0.14
1 EDB exploit
4.3
CVSSv2
CVE-2012-4431
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x prior to 6.0.36 and 7.x prior to 7.0.32 allows remote malicious users to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
Apache Tomcat 6.0.33
Apache Tomcat 6.0.0
Apache Tomcat 6.0.6
Apache Tomcat 6.0.4
Apache Tomcat 6.0.11
Apache Tomcat 6.0.7
Apache Tomcat 6.0.15
Apache Tomcat 6.0.20
Apache Tomcat 6.0.9
Apache Tomcat 6.0.10
Apache Tomcat 6.0.31
Apache Tomcat 6.0.29
Apache Tomcat 6.0.3
Apache Tomcat 6.0.1
Apache Tomcat 6.0.24
Apache Tomcat 6.0.17
Apache Tomcat 6.0
Apache Tomcat 6.0.32
Apache Tomcat 6.0.28
Apache Tomcat 6.0.14
Apache Tomcat 6.0.12
Apache Tomcat 6.0.18
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
adobe
CVE-2024-9201
CVE-2024-9680
CVE-2024-9808
CVE-2024-9794
dos
remote attackers
commerce
CVE-2024-45129
overflow
CVE-2024-43572
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »