Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
apache tomcat 8.0 vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2016-1240
The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4 and tomcat8 package before 8.0.14-1+deb8u3 on Debian jessie and the tomcat6 and libtomcat6-java packages before 6.0.35-1ubuntu3.8 on Ubuntu 12.04 LTS, the tomcat7 and libtomcat7-java packages before...
Apache Tomcat 6.0
Apache Tomcat 7.0
Apache Tomcat 8.0
1 EDB exploit available
7 Github repositories available
6.8
CVSSv2
CVE-2015-5346
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by...
Apache Tomcat 8.0.29
Apache Tomcat 8.0.28
Apache Tomcat 8.0.11
Apache Tomcat 8.0.12
Apache Tomcat 8.0.23
Apache Tomcat 8.0.24
Apache Tomcat 7.0.14
Apache Tomcat 7.0.16
Apache Tomcat 7.0.25
Apache Tomcat 7.0.26
Apache Tomcat 7.0.35
Apache Tomcat 7.0.37
Apache Tomcat 7.0.5
Apache Tomcat 7.0.50
Apache Tomcat 7.0.59
Apache Tomcat 7.0.6
Apache Tomcat 8.0.27
Apache Tomcat 8.0.0
Apache Tomcat 8.0.14
Apache Tomcat 8.0.15
Apache Tomcat 8.0.26
Apache Tomcat 7.0.65
Apache Tomcat 7.0.19
Apache Tomcat 7.0.2
Apache Tomcat 7.0.27
Apache Tomcat 7.0.28
Apache Tomcat 7.0.39
Apache Tomcat 7.0.4
Apache Tomcat 7.0.52
Apache Tomcat 7.0.53
Apache Tomcat 7.0.61
Apache Tomcat 7.0.62
Apache Tomcat 7.0.63
Apache Tomcat 8.0.17
Apache Tomcat 8.0.18
Apache Tomcat 7.0.0
Apache Tomcat 7.0.10
Apache Tomcat 7.0.20
Apache Tomcat 7.0.21
Apache Tomcat 7.0.29
Apache Tomcat 7.0.30
Apache Tomcat 7.0.32
Apache Tomcat 7.0.40
Apache Tomcat 7.0.41
Apache Tomcat 7.0.54
Apache Tomcat 7.0.55
Apache Tomcat 7.0.64
Apache Tomcat 9.0.0
Apache Tomcat 8.0.3
Apache Tomcat 8.0.1
Apache Tomcat 8.0.20
Apache Tomcat 8.0.21
Apache Tomcat 8.0.22
Apache Tomcat 7.0.11
Apache Tomcat 7.0.12
Apache Tomcat 7.0.22
Apache Tomcat 7.0.23
Apache Tomcat 7.0.33
Apache Tomcat 7.0.34
Apache Tomcat 7.0.42
Apache Tomcat 7.0.47
Apache Tomcat 7.0.56
Apache Tomcat 7.0.57
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Debian Debian Linux 8.0
Debian Debian Linux 7.0
1 Github repository available
4
CVSSv2
CVE-2016-0706
Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote authenticated users to bypass...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Apache Tomcat 8.0.27
Apache Tomcat 7.0.67
Apache Tomcat 7.0.65
Apache Tomcat 8.0.18
Apache Tomcat 8.0.17
Apache Tomcat 8.0.0
Apache Tomcat 7.0.59
Apache Tomcat 7.0.57
Apache Tomcat 7.0.56
Apache Tomcat 7.0.47
Apache Tomcat 7.0.42
Apache Tomcat 7.0.34
Apache Tomcat 7.0.33
Apache Tomcat 7.0.23
Apache Tomcat 7.0.22
Apache Tomcat 7.0.12
Apache Tomcat 7.0.11
Apache Tomcat 6.0.4
Apache Tomcat 6.0.39
Apache Tomcat 6.0.28
Apache Tomcat 6.0.26
Apache Tomcat 6.0.16
Apache Tomcat 6.0.14
Apache Tomcat 6.0.0
Apache Tomcat 8.0.29
Apache Tomcat 8.0.28
Apache Tomcat 8.0.21
Apache Tomcat 8.0.20
Apache Tomcat 8.0.1
Apache Tomcat 7.0.61
Apache Tomcat 7.0.6
Apache Tomcat 7.0.50
Apache Tomcat 7.0.5
Apache Tomcat 7.0.37
Apache Tomcat 7.0.35
Apache Tomcat 7.0.27
Apache Tomcat 7.0.26
Apache Tomcat 7.0.25
Apache Tomcat 7.0.16
Apache Tomcat 7.0.14
Apache Tomcat 6.0.41
Apache Tomcat 6.0.30
Apache Tomcat 6.0.29
Apache Tomcat 6.0.2
Apache Tomcat 6.0.18
Apache Tomcat 6.0.1
Apache Tomcat 8.0.30
Apache Tomcat 8.0.3
Apache Tomcat 8.0.23
Apache Tomcat 8.0.22
Apache Tomcat 8.0.12
Apache Tomcat 8.0.11
Apache Tomcat 7.0.63
Apache Tomcat 7.0.62
Apache Tomcat 7.0.53
Apache Tomcat 7.0.52
Apache Tomcat 7.0.4
Apache Tomcat 7.0.39
Apache Tomcat 7.0.29
Apache Tomcat 7.0.28
Apache Tomcat 7.0.2
Apache Tomcat 7.0.19
Apache Tomcat 6.0.44
Apache Tomcat 6.0.43
Apache Tomcat 6.0.35
Apache Tomcat 6.0.33
Apache Tomcat 6.0.32
Apache Tomcat 6.0.10
Apache Tomcat 9.0.0
Apache Tomcat 8.0.26
Apache Tomcat 8.0.24
Apache Tomcat 8.0.15
Apache Tomcat 8.0.14
Apache Tomcat 7.0.64
Apache Tomcat 7.0.55
Apache Tomcat 7.0.54
Apache Tomcat 7.0.41
Apache Tomcat 7.0.40
Apache Tomcat 7.0.32
Apache Tomcat 7.0.30
Apache Tomcat 7.0.21
Apache Tomcat 7.0.20
Apache Tomcat 7.0.10
Apache Tomcat 7.0.0
Apache Tomcat 6.0.37
Apache Tomcat 6.0.36
Apache Tomcat 6.0.24
Apache Tomcat 6.0.20
Apache Tomcat 6.0.13
Apache Tomcat 6.0.11
4.3
CVSSv2
CVE-2017-7674
The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances....
Apache Tomcat 9.0.0
Apache Tomcat 8.5.6
Apache Tomcat 8.5.7
Apache Tomcat 8.5.15
Apache Tomcat 8.0.37
Apache Tomcat 8.0.44
Apache Tomcat 7.0.78
Apache Tomcat 7.0.77
Apache Tomcat 7.0.41
Apache Tomcat 7.0.42
Apache Tomcat 7.0.49
Apache Tomcat 7.0.50
Apache Tomcat 7.0.58
Apache Tomcat 7.0.59
Apache Tomcat 7.0.67
Apache Tomcat 7.0.68
Apache Tomcat 8.0
Apache Tomcat 8.0.1
Apache Tomcat 8.0.8
Apache Tomcat 8.0.9
Apache Tomcat 8.0.17
Apache Tomcat 8.0.18
Apache Tomcat 8.0.25
Apache Tomcat 8.0.26
Apache Tomcat 8.0.33
Apache Tomcat 8.0.34
Apache Tomcat 8.5.11
Apache Tomcat 8.5.12
Apache Tomcat 8.0.40
Apache Tomcat 8.0.41
Apache Tomcat 7.0.73
Apache Tomcat 7.0.74
Apache Tomcat 7.0.45
Apache Tomcat 7.0.46
Apache Tomcat 7.0.54
Apache Tomcat 7.0.55
Apache Tomcat 7.0.62
Apache Tomcat 7.0.63
Apache Tomcat 8.0.0
Apache Tomcat 8.0.4
Apache Tomcat 8.0.5
Apache Tomcat 8.0.12
Apache Tomcat 8.0.13
Apache Tomcat 8.0.14
Apache Tomcat 8.0.21
Apache Tomcat 8.0.22
Apache Tomcat 8.0.29
Apache Tomcat 8.0.30
Apache Tomcat 8.5.0
Apache Tomcat 8.5.1
Apache Tomcat 8.5.2
Apache Tomcat 8.5.8
Apache Tomcat 8.5.9
Apache Tomcat 8.5.10
Apache Tomcat 8.0.38
Apache Tomcat 8.0.39
Apache Tomcat 7.0.71
Apache Tomcat 7.0.72
Apache Tomcat 7.0.43
Apache Tomcat 7.0.44
Apache Tomcat 7.0.52
Apache Tomcat 7.0.53
Apache Tomcat 7.0.60
Apache Tomcat 7.0.61
Apache Tomcat 7.0.69
Apache Tomcat 7.0.70
Apache Tomcat 8.0.2
Apache Tomcat 8.0.3
Apache Tomcat 8.0.10
Apache Tomcat 8.0.11
Apache Tomcat 8.0.19
Apache Tomcat 8.0.20
Apache Tomcat 8.0.27
Apache Tomcat 8.0.28
Apache Tomcat 8.0.35
Apache Tomcat 8.0.36
Apache Tomcat 8.5.5
Apache Tomcat 8.5.13
Apache Tomcat 8.5.14
Apache Tomcat 8.0.42
Apache Tomcat 8.0.43
Apache Tomcat 7.0.75
Apache Tomcat 7.0.76
Apache Tomcat 7.0.47
Apache Tomcat 7.0.48
Apache Tomcat 7.0.56
Apache Tomcat 7.0.57
Apache Tomcat 7.0.64
Apache Tomcat 7.0.65
Apache Tomcat 7.0.66
Apache Tomcat 8.0.6
Apache Tomcat 8.0.7
Apache Tomcat 8.0.15
Apache Tomcat 8.0.16
Apache Tomcat 8.0.23
Apache Tomcat 8.0.24
Apache Tomcat 8.0.31
Apache Tomcat 8.0.32
Apache Tomcat 8.5.3
Apache Tomcat 8.5.4
2 Github repositories available
5
CVSSv2
CVE-2016-8745
A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple...
Apache Tomcat 7.0.33
Apache Tomcat 7.0.34
Apache Tomcat 7.0.22
Apache Tomcat 7.0.23
Apache Tomcat 7.0.30
Apache Tomcat 7.0.11
Apache Tomcat 7.0.18
Apache Tomcat 7.0.19
Apache Tomcat 7.0.7
Apache Tomcat 7.0.8
Apache Tomcat 7.0.45
Apache Tomcat 7.0.46
Apache Tomcat 7.0.54
Apache Tomcat 7.0.55
Apache Tomcat 7.0.63
Apache Tomcat 7.0.64
Apache Tomcat 7.0.71
Apache Tomcat 7.0.72
Apache Tomcat 8.0.1
Apache Tomcat 8.0.2
Apache Tomcat 8.0.3
Apache Tomcat 8.0.10
Apache Tomcat 8.0.11
Apache Tomcat 8.0.18
Apache Tomcat 8.0.19
Apache Tomcat 8.0.27
Apache Tomcat 8.0.28
Apache Tomcat 8.0.35
Apache Tomcat 8.0.36
Apache Tomcat 8.5.3
Apache Tomcat 8.5.4
Apache Tomcat 9.0.0
Apache Tomcat 7.0.35
Apache Tomcat 7.0.36
Apache Tomcat 7.0.24
Apache Tomcat 7.0.25
Apache Tomcat 7.0.12
Apache Tomcat 7.0.13
Apache Tomcat 7.0.20
Apache Tomcat 7.0.1
Apache Tomcat 7.0.9
Apache Tomcat 7.0.0
Apache Tomcat 7.0.47
Apache Tomcat 7.0.48
Apache Tomcat 7.0.56
Apache Tomcat 7.0.57
Apache Tomcat 7.0.58
Apache Tomcat 7.0.65
Apache Tomcat 7.0.66
Apache Tomcat 7.0.73
Apache Tomcat 8.0
Apache Tomcat 8.0.4
Apache Tomcat 8.0.5
Apache Tomcat 8.0.12
Apache Tomcat 8.0.13
Apache Tomcat 8.0.20
Apache Tomcat 8.0.21
Apache Tomcat 8.0.29
Apache Tomcat 8.0.30
Apache Tomcat 8.0.37
Apache Tomcat 8.0.38
Apache Tomcat 8.5.5
Apache Tomcat 8.5.6
Apache Tomcat 7.0.31
Apache Tomcat 7.0.32
Apache Tomcat 7.0.40
Apache Tomcat 7.0.21
Apache Tomcat 7.0.28
Apache Tomcat 7.0.29
Apache Tomcat 7.0.16
Apache Tomcat 7.0.17
Apache Tomcat 7.0.5
Apache Tomcat 7.0.6
Apache Tomcat 7.0.43
Apache Tomcat 7.0.44
Apache Tomcat 7.0.52
Apache Tomcat 7.0.53
Apache Tomcat 7.0.61
Apache Tomcat 7.0.62
Apache Tomcat 7.0.69
Apache Tomcat 7.0.70
Apache Tomcat 8.0.0
Apache Tomcat 8.0.8
Apache Tomcat 8.0.9
Apache Tomcat 8.0.16
Apache Tomcat 8.0.17
Apache Tomcat 8.0.24
Apache Tomcat 8.0.25
Apache Tomcat 8.0.26
Apache Tomcat 8.0.33
Apache Tomcat 8.0.34
Apache Tomcat 8.5.1
Apache Tomcat 8.5.2
Apache Tomcat 7.0.37
Apache Tomcat 7.0.38
Apache Tomcat 7.0.39
Apache Tomcat 7.0.26
Apache Tomcat 7.0.27
Apache Tomcat 7.0.14
Apache Tomcat 7.0.15
Apache Tomcat 7.0.2
Apache Tomcat 7.0.3
Apache Tomcat 7.0.4
Apache Tomcat 7.0.41
Apache Tomcat 7.0.42
Apache Tomcat 7.0.49
Apache Tomcat 7.0.50
Apache Tomcat 7.0.59
Apache Tomcat 7.0.60
Apache Tomcat 7.0.67
Apache Tomcat 7.0.68
Apache Tomcat 8.0.6
Apache Tomcat 8.0.7
Apache Tomcat 8.0.14
Apache Tomcat 8.0.15
Apache Tomcat 8.0.22
Apache Tomcat 8.0.23
Apache Tomcat 8.0.31
Apache Tomcat 8.0.32
Apache Tomcat 8.0.39
Apache Tomcat 8.5.0
Apache Tomcat 8.5.7
Apache Tomcat 8.5.8
2 Github repositories available
2 Articles available
6.5
CVSSv2
CVE-2016-0763
The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote...
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Apache Tomcat 8.0.30
Apache Tomcat 8.0.3
Apache Tomcat 8.0.24
Apache Tomcat 8.0.23
Apache Tomcat 8.0.12
Apache Tomcat 8.0.11
Apache Tomcat 7.0.63
Apache Tomcat 7.0.62
Apache Tomcat 7.0.54
Apache Tomcat 7.0.53
Apache Tomcat 7.0.4
Apache Tomcat 8.0.27
Apache Tomcat 7.0.67
Apache Tomcat 8.0.20
Apache Tomcat 8.0.18
Apache Tomcat 8.0.17
Apache Tomcat 8.0.0
Apache Tomcat 7.0.59
Apache Tomcat 7.0.57
Apache Tomcat 7.0.47
Apache Tomcat 7.0.42
Apache Tomcat 7.0.34
Apache Tomcat 7.0.33
Apache Tomcat 7.0.25
Apache Tomcat 7.0.23
Apache Tomcat 7.0.12
Apache Tomcat 7.0.11
Apache Tomcat 9.0.0
Apache Tomcat 7.0.65
Apache Tomcat 8.0.26
Apache Tomcat 8.0.15
Apache Tomcat 8.0.14
Apache Tomcat 7.0.64
Apache Tomcat 7.0.56
Apache Tomcat 7.0.55
Apache Tomcat 7.0.41
Apache Tomcat 7.0.40
Apache Tomcat 7.0.32
Apache Tomcat 7.0.30
Apache Tomcat 7.0.22
Apache Tomcat 7.0.21
Apache Tomcat 7.0.10
Apache Tomcat 7.0.0
Apache Tomcat 7.0.39
Apache Tomcat 7.0.29
Apache Tomcat 7.0.28
Apache Tomcat 7.0.20
Apache Tomcat 7.0.2
Apache Tomcat 8.0.29
Apache Tomcat 8.0.28
Apache Tomcat 8.0.22
Apache Tomcat 8.0.21
Apache Tomcat 8.0.1
Apache Tomcat 7.0.61
Apache Tomcat 7.0.6
Apache Tomcat 7.0.52
Apache Tomcat 7.0.50
Apache Tomcat 7.0.5
Apache Tomcat 7.0.37
Apache Tomcat 7.0.35
Apache Tomcat 7.0.27
Apache Tomcat 7.0.26
Apache Tomcat 7.0.19
Apache Tomcat 7.0.16
Apache Tomcat 7.0.14
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
6.5
CVSSv2
CVE-2016-0714
The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary...
Apache Tomcat 8.0.29
Apache Tomcat 8.0.28
Apache Tomcat 8.0.20
Apache Tomcat 8.0.18
Apache Tomcat 8.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.59
Apache Tomcat 7.0.5
Apache Tomcat 7.0.47
Apache Tomcat 7.0.35
Apache Tomcat 7.0.34
Apache Tomcat 7.0.26
Apache Tomcat 7.0.25
Apache Tomcat 7.0.23
Apache Tomcat 7.0.14
Apache Tomcat 7.0.12
Apache Tomcat 6.0.4
Apache Tomcat 6.0.29
Apache Tomcat 8.0.27
Apache Tomcat 9.0.0
Apache Tomcat 8.0.17
Apache Tomcat 8.0.15
Apache Tomcat 7.0.57
Apache Tomcat 7.0.56
Apache Tomcat 7.0.55
Apache Tomcat 7.0.42
Apache Tomcat 7.0.41
Apache Tomcat 7.0.33
Apache Tomcat 7.0.32
Apache Tomcat 7.0.22
Apache Tomcat 7.0.21
Apache Tomcat 7.0.11
Apache Tomcat 7.0.10
Apache Tomcat 6.0.39
Apache Tomcat 6.0.37
Apache Tomcat 6.0.26
Apache Tomcat 6.0.24
Apache Tomcat 6.0.14
Apache Tomcat 6.0.13
Apache Tomcat 8.0.30
Apache Tomcat 8.0.3
Apache Tomcat 8.0.22
Apache Tomcat 8.0.21
Apache Tomcat 8.0.11
Apache Tomcat 8.0.1
Apache Tomcat 7.0.62
Apache Tomcat 7.0.61
Apache Tomcat 7.0.52
Apache Tomcat 7.0.50
Apache Tomcat 7.0.39
Apache Tomcat 7.0.37
Apache Tomcat 7.0.28
Apache Tomcat 7.0.27
Apache Tomcat 7.0.19
Apache Tomcat 7.0.16
Apache Tomcat 6.0.43
Apache Tomcat 6.0.41
Apache Tomcat 6.0.33
Apache Tomcat 6.0.32
Apache Tomcat 6.0.30
Apache Tomcat 6.0.2
Apache Tomcat 6.0.1
Apache Tomcat 6.0.28
Apache Tomcat 6.0.18
Apache Tomcat 6.0.16
Apache Tomcat 6.0.0
Apache Tomcat 7.0.67
Apache Tomcat 7.0.65
Apache Tomcat 8.0.26
Apache Tomcat 8.0.24
Apache Tomcat 8.0.23
Apache Tomcat 8.0.14
Apache Tomcat 8.0.12
Apache Tomcat 7.0.64
Apache Tomcat 7.0.63
Apache Tomcat 7.0.54
Apache Tomcat 7.0.53
Apache Tomcat 7.0.40
Apache Tomcat 7.0.4
Apache Tomcat 7.0.30
Apache Tomcat 7.0.29
Apache Tomcat 7.0.20
Apache Tomcat 7.0.2
Apache Tomcat 7.0.0
Apache Tomcat 6.0.44
Apache Tomcat 6.0.36
Apache Tomcat 6.0.35
Apache Tomcat 6.0.20
Apache Tomcat 6.0.11
Apache Tomcat 6.0.10
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
3 Github repositories available
7.8
CVSSv2
CVE-2016-3092
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long...
Hp Icewall Sso Agent Option 10.0
Hp Icewall Identity Manager 5.0
Apache Tomcat 9.0.0
Apache Tomcat 8.0.32
Apache Tomcat 8.0.3
Apache Tomcat 8.0.30
Apache Tomcat 8.0.22
Apache Tomcat 8.0.21
Apache Tomcat 8.0.11
Apache Tomcat 8.0.1
Apache Tomcat 8.0.8
Apache Tomcat 8.0.5
Apache Tomcat 8.0.27
Apache Tomcat 8.0.26
Apache Tomcat 8.0.17
Apache Tomcat 8.0.15
Apache Tomcat 8.0.0
Apache Tomcat 8.0.35
Apache Tomcat 8.0.33
Apache Tomcat 8.0.24
Apache Tomcat 8.0.23
Apache Tomcat 8.0.14
Apache Tomcat 8.0.12
Apache Tomcat 8.0.29
Apache Tomcat 8.0.28
Apache Tomcat 8.0.20
Apache Tomcat 8.0.18
Debian Debian Linux 8.0
Apache Tomcat 8.5.2
Apache Tomcat 8.5.0
Apache Commons Fileupload
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Apache Tomcat 7.0.65
Apache Tomcat 7.0.64
Apache Tomcat 7.0.55
Apache Tomcat 7.0.54
Apache Tomcat 7.0.53
Apache Tomcat 7.0.52
Apache Tomcat 7.0.61
Apache Tomcat 7.0.6
Apache Tomcat 7.0.59
Apache Tomcat 7.0.5
Apache Tomcat 7.0.47
Apache Tomcat 7.0.37
Apache Tomcat 7.0.35
Apache Tomcat 7.0.26
Apache Tomcat 7.0.25
Apache Tomcat 7.0.19
Apache Tomcat 7.0.16
Apache Tomcat 7.0.0
Apache Tomcat 7.0.8
Apache Tomcat 7.0.67
Apache Tomcat 7.0.57
Apache Tomcat 7.0.56
Apache Tomcat 7.0.42
Apache Tomcat 7.0.41
Apache Tomcat 7.0.34
Apache Tomcat 7.0.33
Apache Tomcat 7.0.23
Apache Tomcat 7.0.22
Apache Tomcat 7.0.14
Apache Tomcat 7.0.12
Apache Tomcat 7.0.40
Apache Tomcat 7.0.4
Apache Tomcat 7.0.32
Apache Tomcat 7.0.30
Apache Tomcat 7.0.21
Apache Tomcat 7.0.20
Apache Tomcat 7.0.11
Apache Tomcat 7.0.10
Apache Tomcat 7.0.69
Apache Tomcat 7.0.68
Apache Tomcat 7.0.63
Apache Tomcat 7.0.62
Apache Tomcat 7.0.50
Apache Tomcat 7.0.39
Apache Tomcat 7.0.29
Apache Tomcat 7.0.28
Apache Tomcat 7.0.27
Apache Tomcat 7.0.2
Apache Tomcat 7.0.1
4
CVSSv2
CVE-2015-5174
Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a...
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Apache Tomcat 8.0.20
Apache Tomcat 8.0.18
Apache Tomcat 8.0.17
Apache Tomcat 8.0.0
Apache Tomcat 8.0.24
Apache Tomcat 8.0.23
Apache Tomcat 8.0.12
Apache Tomcat 8.0.11
Apache Tomcat 7.0.63
Apache Tomcat 7.0.62
Apache Tomcat 7.0.54
Apache Tomcat 7.0.53
Apache Tomcat 7.0.4
Apache Tomcat 7.0.39
Apache Tomcat 7.0.29
Apache Tomcat 7.0.28
Apache Tomcat 7.0.20
Apache Tomcat 7.0.2
Apache Tomcat 7.0.19
Apache Tomcat 6.0.44
Apache Tomcat 6.0.43
Apache Tomcat 6.0.35
Apache Tomcat 6.0.33
Apache Tomcat 6.0.2
Apache Tomcat 6.0.10
Apache Tomcat 6.0.1
Apache Tomcat 8.0.22
Apache Tomcat 8.0.21
Apache Tomcat 8.0.1
Apache Tomcat 7.0.61
Apache Tomcat 7.0.6
Apache Tomcat 7.0.52
Apache Tomcat 7.0.50
Apache Tomcat 7.0.5
Apache Tomcat 7.0.37
Apache Tomcat 7.0.35
Apache Tomcat 7.0.27
Apache Tomcat 7.0.26
Apache Tomcat 7.0.16
Apache Tomcat 7.0.14
Apache Tomcat 6.0.41
Apache Tomcat 6.0.4
Apache Tomcat 6.0.32
Apache Tomcat 6.0.30
Apache Tomcat 6.0.18
Apache Tomcat 6.0.0
Apache Tomcat 8.0.26
Apache Tomcat 8.0.15
Apache Tomcat 8.0.14
Apache Tomcat 7.0.64
Apache Tomcat 7.0.56
Apache Tomcat 7.0.55
Apache Tomcat 7.0.41
Apache Tomcat 7.0.40
Apache Tomcat 7.0.32
Apache Tomcat 7.0.30
Apache Tomcat 7.0.22
Apache Tomcat 7.0.21
Apache Tomcat 7.0.10
Apache Tomcat 7.0.0
Apache Tomcat 6.0.37
Apache Tomcat 6.0.36
Apache Tomcat 6.0.26
Apache Tomcat 6.0.24
Apache Tomcat 6.0.20
Apache Tomcat 6.0.13
Apache Tomcat 6.0.11
Apache Tomcat 7.0.59
Apache Tomcat 7.0.57
Apache Tomcat 7.0.47
Apache Tomcat 7.0.42
Apache Tomcat 7.0.34
Apache Tomcat 7.0.33
Apache Tomcat 7.0.25
Apache Tomcat 7.0.23
Apache Tomcat 7.0.12
Apache Tomcat 7.0.11
Apache Tomcat 6.0.39
Apache Tomcat 6.0.29
Apache Tomcat 6.0.28
Apache Tomcat 6.0.16
Apache Tomcat 6.0.14
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
6.8
CVSSv2
CVE-2015-5351
The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a...
Apache Tomcat 7.0.65
Apache Tomcat 7.0.0
Apache Tomcat 7.0.2
Apache Tomcat 7.0.20
Apache Tomcat 7.0.28
Apache Tomcat 7.0.29
Apache Tomcat 7.0.30
Apache Tomcat 7.0.4
Apache Tomcat 7.0.40
Apache Tomcat 7.0.53
Apache Tomcat 7.0.54
Apache Tomcat 7.0.63
Apache Tomcat 7.0.64
Apache Tomcat 9.0.0
Apache Tomcat 8.0.30
Apache Tomcat 8.0.3
Apache Tomcat 7.0.10
Apache Tomcat 7.0.11
Apache Tomcat 7.0.21
Apache Tomcat 7.0.22
Apache Tomcat 7.0.32
Apache Tomcat 7.0.33
Apache Tomcat 7.0.41
Apache Tomcat 7.0.42
Apache Tomcat 7.0.55
Apache Tomcat 7.0.56
Apache Tomcat 8.0.0
Apache Tomcat 8.0.15
Apache Tomcat 8.0.17
Apache Tomcat 8.0.26
Apache Tomcat 8.0.29
Apache Tomcat 8.0.28
Apache Tomcat 7.0.12
Apache Tomcat 7.0.14
Apache Tomcat 7.0.23
Apache Tomcat 7.0.25
Apache Tomcat 7.0.34
Apache Tomcat 7.0.35
Apache Tomcat 7.0.47
Apache Tomcat 7.0.5
Apache Tomcat 7.0.57
Apache Tomcat 7.0.59
Apache Tomcat 8.0.18
Apache Tomcat 8.0.20
Apache Tomcat 8.0.12
Apache Tomcat 8.0.14
Apache Tomcat 8.0.23
Apache Tomcat 8.0.24
Apache Tomcat 8.0.27
Apache Tomcat 7.0.67
Apache Tomcat 7.0.16
Apache Tomcat 7.0.19
Apache Tomcat 7.0.26
Apache Tomcat 7.0.27
Apache Tomcat 7.0.37
Apache Tomcat 7.0.39
Apache Tomcat 7.0.50
Apache Tomcat 7.0.52
Apache Tomcat 7.0.6
Apache Tomcat 7.0.61
Apache Tomcat 7.0.62
Apache Tomcat 8.0.1
Apache Tomcat 8.0.11
Apache Tomcat 8.0.21
Apache Tomcat 8.0.22
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-5172
CVE-2023-44023
CVE-2023-30845
elevation of privilege
injection
CVE-2023-43234
CVE-2023-41991
cross-site request forgery
seacms
CVE-2023-5197
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »