Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache tomcat 5.5.15 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2006-7197
The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote malicious users to read portions of sensitive memory.
Apache Tomcat 5.5.15
4.3
CVSSv2
CVE-2006-7196
Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 up to and including 4.0.6, 4.1.0 up to and including 4.1.31, 5.0.0 up to and including 5.0.30, and 5.5.0 up to and including 5.5.15 allows remote malicious users to inject arbitrar...
Apache Tomcat 4.0.4
Apache Tomcat 5.0.8
Apache Tomcat 5.0.19
Apache Tomcat 5.5.12
Apache Tomcat 5.0.14
Apache Tomcat 5.5.14
Apache Tomcat 5.5.10
Apache Tomcat 5.0.22
Apache Tomcat 5.5.4
Apache Tomcat 5.5.7
Apache Tomcat 5.5.1
Apache Tomcat 5.0.7
Apache Tomcat 5.5.11
Apache Tomcat 5.5.6
Apache Tomcat 5.0.9
Apache Tomcat 5.0.15
Apache Tomcat 5.0.30
Apache Tomcat 5.5.15
Apache Tomcat 5.0.23
Apache Tomcat 5.0.2
Apache Tomcat 5.5.5
Apache Tomcat 5.0.10
1 EDB exploit
2.6
CVSSv2
CVE-2008-4308
The doRead method in Apache Tomcat 4.1.32 up to and including 4.1.34 and 5.5.10 up to and including 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.
Apache Tomcat 5.5.18
Apache Tomcat 5.5.12
Apache Tomcat 5.5.14
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
Apache Tomcat 5.5.20
Apache Tomcat 5.5.15
Apache Tomcat 4.1.33
Apache Tomcat 5.5.13
Apache Tomcat 5.5.16
Apache Tomcat 5.5.17
Apache Tomcat 5.5.19
Apache Tomcat 4.1.34
Apache Tomcat 4.1.32
4.3
CVSSv2
CVE-2007-6286
Apache Tomcat 5.5.11 up to and including 5.5.25 and 6.0.0 up to and including 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote malicious users to trigger handling of "a duplicate copy of one of the ...
Apache Tomcat 5.5.18
Apache Tomcat 6.0.6
Apache Tomcat 6.0.11
Apache Tomcat 5.5.12
Apache Tomcat 5.5.14
Apache Tomcat 6.0.7
Apache Tomcat 5.5.11
Apache Tomcat 6.0.4
Apache Tomcat 5.5.20
Apache Tomcat 5.5.15
Apache Tomcat 6.0.15
Apache Tomcat 5.5.21
Apache Tomcat 5.5.22
Apache Tomcat 6.0.10
Apache Tomcat 6.0.3
Apache Tomcat 6.0.9
Apache Tomcat 5.5.25
Apache Tomcat 6.0.0
Apache Tomcat 6.0.14
Apache Tomcat 5.5.13
Apache Tomcat 6.0.1
Apache Tomcat 6.0.12
6.4
CVSSv2
CVE-2007-5342
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 up to and including 5.5.25 and 6.0.0 up to and including 6.0.15 does not restrict certain permissions for web applications, which allows malicious users to modify logging configuration options and ov...
Apache Tomcat 5.5.18
Apache Tomcat 6.0.6
Apache Tomcat 6.0.11
Apache Tomcat 5.5.12
Apache Tomcat 5.5.14
Apache Tomcat 5.5.10
Apache Tomcat 6.0.7
Apache Tomcat 5.5.11
Apache Tomcat 6.0.4
Apache Tomcat 5.5.20
Apache Tomcat 5.5.15
Apache Tomcat 6.0.15
Apache Tomcat 5.5.21
Apache Tomcat 5.5.22
Apache Tomcat 6.0.10
Apache Tomcat 6.0.3
Apache Tomcat 6.0.9
Apache Tomcat 6.0
Apache Tomcat 5.5.9
Apache Tomcat 5.5.25
Apache Tomcat 6.0.14
Apache Tomcat 5.5.13
4.3
CVSSv2
CVE-2006-7195
Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 up to and including 5.0.30 and 5.5.0 up to and including 5.5.17 allows remote malicious users to inject arbitrary web script or HTML via certain header values.
Apache Tomcat 5.0.19
Apache Tomcat 5.5.12
Apache Tomcat 5.0.14
Apache Tomcat 5.5.14
Apache Tomcat 5.5.10
Apache Tomcat 5.0.22
Apache Tomcat 5.5.7
Apache Tomcat 5.5.11
Apache Tomcat 5.5.6
Apache Tomcat 5.0.15
Apache Tomcat 5.0.30
Apache Tomcat 5.5.15
Apache Tomcat 5.0.23
Apache Tomcat 5.0.2
Apache Tomcat 5.5.5
Apache Tomcat 5.0.10
Apache Tomcat 5.0.21
Apache Tomcat 5.0.26
Apache Tomcat 5.0.0
Apache Tomcat 5.0.27
Apache Tomcat 5.0.16
Apache Tomcat 5.5.9
4.3
CVSSv2
CVE-2008-1947
Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 up to and including 5.5.26 and 6.0.0 up to and including 6.0.16 allows remote malicious users to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.
Apache Tomcat 5.5.18
Apache Tomcat 6.0.6
Apache Tomcat 6.0.11
Apache Tomcat 5.5.12
Apache Tomcat 5.5.14
Apache Tomcat 5.5.10
Apache Tomcat 6.0.7
Apache Tomcat 5.5.11
Apache Tomcat 6.0.4
Apache Tomcat 5.5.26
Apache Tomcat 5.5.20
Apache Tomcat 5.5.15
Apache Tomcat 6.0.15
Apache Tomcat 5.5.21
Apache Tomcat 5.5.22
Apache Tomcat 6.0.10
Apache Tomcat 6.0.3
Apache Tomcat 6.0.9
Apache Tomcat 5.5.9
Apache Tomcat 5.5.25
Apache Tomcat 6.0.0
Apache Tomcat 6.0.14
4.3
CVSSv2
CVE-2007-3386
Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote malicious users to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action...
Apache Tomcat 5.5.13
Apache Tomcat 5.5.14
Apache Tomcat 5.5.20
Apache Tomcat 5.5.21
Apache Tomcat 5.5.6
Apache Tomcat 5.5.7
Apache Tomcat 5.5.8
Apache Tomcat 6.0.13
Apache Tomcat 6.0.2
Apache Tomcat 6.0.9
Apache Tomcat 5.5.0
Apache Tomcat 5.5.15
Apache Tomcat 5.5.16
Apache Tomcat 5.5.22
Apache Tomcat 5.5.23
Apache Tomcat 5.5.9
Apache Tomcat 6.0.0
Apache Tomcat 6.0.3
Apache Tomcat 6.0.4
Apache Tomcat 5.5.1
Apache Tomcat 5.5.10
Apache Tomcat 5.5.17
1 EDB exploit
2.6
CVSSv2
CVE-2007-1858
The default SSL cipher configuration in Apache Tomcat 4.1.28 up to and including 4.1.31, 5.0.0 up to and including 5.0.30, and 5.5.0 up to and including 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote malicious users to obtain sensitive i...
Apache Tomcat 5.0.19
Apache Tomcat 5.5.12
Apache Tomcat 5.0.14
Apache Tomcat 5.5.14
Apache Tomcat 5.5.10
Apache Tomcat 5.0.22
Apache Tomcat 5.5.4
Apache Tomcat 5.5.7
Apache Tomcat 5.5.1
Apache Tomcat 5.5.11
Apache Tomcat 5.5.6
Apache Tomcat 5.0.15
Apache Tomcat 5.0.30
Apache Tomcat 5.5.15
Apache Tomcat 5.0.23
Apache Tomcat 5.0.2
Apache Tomcat 5.5.5
Apache Tomcat 5.0.10
Apache Tomcat 5.0.21
Apache Tomcat 5.0.26
Apache Tomcat 5.0.0
Apache Tomcat 4.1.31
9 Github repositories
6.4
CVSSv2
CVE-2010-2227
Apache Tomcat 5.5.0 up to and including 5.5.29, 6.0.0 up to and including 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote malicious users to cause a denial of service (application outage) or obtain sensitive information via...
Apache Tomcat 5.5.27
Apache Tomcat 5.5.18
Apache Tomcat 5.5.12
Apache Tomcat 5.5.14
Apache Tomcat 5.5.10
Apache Tomcat 5.5.4
Apache Tomcat 5.5.7
Apache Tomcat 5.5.1
Apache Tomcat 5.5.11
Apache Tomcat 5.5.28
Apache Tomcat 5.5.6
Apache Tomcat 5.5.26
Apache Tomcat 5.5.20
Apache Tomcat 5.5.15
Apache Tomcat 5.5.5
Apache Tomcat 5.5.21
Apache Tomcat 5.5.22
Apache Tomcat 5.5.3
Apache Tomcat 5.5.9
Apache Tomcat 5.5.25
Apache Tomcat 5.5.2
Apache Tomcat 5.5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »