Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache tomcat 3.2.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0808
Apache Tomcat prior to 5.x allows remote malicious users to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
Apache Tomcat 3.1
Apache Tomcat 3.2.1
Apache Tomcat 3.2.2
Apache Tomcat 3.2.4
Apache Tomcat 3.0
Apache Tomcat 3.3.1a
Apache Tomcat 3.1.1
Apache Tomcat 3.2.3
Apache Tomcat 3.2
Apache Tomcat 3.3.1
Apache Tomcat 3.3
NA
CVE-2002-1148
The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and previous versions allows remote malicious users to read source code for server files via a direct request to the servlet.
Apache Tomcat 3.1
Apache Tomcat 4.0.4
Apache Tomcat 3.2.1
Apache Tomcat 4.1.9
Apache Tomcat 3.2.2
Apache Tomcat 3.2.4
Apache Tomcat 3.0
Apache Tomcat 4.0.3
Apache Tomcat 4.0.1
Apache Tomcat 4.1.3
Apache Tomcat 4.1.10
Apache Tomcat 4.1.0
Apache Tomcat 3.1.1
Apache Tomcat 4.0.2
Apache Tomcat 4.0.0
Apache Tomcat 3.2.3
Apache Tomcat 3.2
Apache Tomcat 3.3.1
Apache Tomcat 3.3
1 EDB exploit
NA
CVE-2013-6357
Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demons...
Apache Tomcat 3.1
Apache Tomcat 4.1.2
Apache Tomcat 4.0.4
Apache Tomcat 4.1.36
Apache Tomcat 3.2.1
Apache Tomcat 4.1.9
Apache Tomcat 5.5.18
Apache Tomcat 5.0.8
Apache Tomcat 5
Apache Tomcat
Apache Tomcat 5.0.19
Apache Tomcat 5.5.12
Apache Tomcat 5.0.14
Apache Tomcat 5.5.14
Apache Tomcat 4.1.24
Apache Tomcat 3.2.2
Apache Tomcat 5.5.10
Apache Tomcat 5.0.22
Apache Tomcat 5.5.4
Apache Tomcat 5.5.7
Apache Tomcat 5.5.1
Apache Tomcat 5.0.7
1 EDB exploit
NA
CVE-2009-3548
The Windows installer for Apache Tomcat 6.0.0 up to and including 6.0.20, 5.5.0 up to and including 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote malicious users to gain privileges.
Apache Tomcat 5.5.27
Apache Tomcat 3.1
Apache Tomcat 4.1.2
Apache Tomcat 4.0.4
Apache Tomcat 4.1.35
Apache Tomcat 4.1.36
Apache Tomcat 3.2.1
Apache Tomcat 4.1.9
Apache Tomcat 5.5.18
Apache Tomcat 5.0.8
Apache Tomcat 5.0.19
Apache Tomcat 4.1.21
Apache Tomcat 6.0.6
Apache Tomcat 6.0.11
Apache Tomcat 5.5.12
Apache Tomcat 5.0.14
Apache Tomcat 5.5.14
Apache Tomcat 4.1.24
Apache Tomcat 3.2.2
Apache Tomcat 5.5.10
Apache Tomcat 5.0.22
Apache Tomcat 5.5.4
2 EDB exploits
NA
CVE-2001-0590
Apache Software Foundation Tomcat Servlet before 3.2.2 allows a remote malicious user to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
Apache Tomcat
1 EDB exploit
7.5
CVSSv3
CVE-2016-9879
An issue exists in Pivotal Spring Security prior to 3.2.10, 4.1.x prior to 4.1.4, and 4.2.x prior to 4.2.1. Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded "/" to a request, an at...
Vmware Spring Security 4.2.0
Vmware Spring Security 4.1.1
Vmware Spring Security 4.1.0
Vmware Spring Security 4.1.2
Vmware Spring Security 3.2.7
Vmware Spring Security 3.2.8
Vmware Spring Security 4.1.3
Vmware Spring Security 3.2.9
Vmware Spring Security 3.2.6
Vmware Spring Security 3.2.1
Vmware Spring Security 3.2.3
Vmware Spring Security 3.2.0
Vmware Spring Security 3.2.5
Vmware Spring Security 3.2.4
Vmware Spring Security 3.2.2
Ibm Websphere Application Server 8.5.5.6
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 8.5.5.8
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.5.5
Ibm Websphere Application Server 8.5.5.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started