Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetty jetty 6.0 vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2006-2758
Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote malicious users to read arbitrary files via a %2e%2e%5c (encoded ../) in the URL. NOTE: this might be the same issue as CVE-2005-3747.
Jetty Jetty 6.0
1 EDB exploit
605
VMScore
CVE-2006-6969
Jetty prior to 4.2.27, 5.1 prior to 5.1.12, 6.0 prior to 6.0.2, and 6.1 prior to 6.1.0pre3 generates predictable session identifiers using java.util.random, which makes it easier for remote malicious users to guess a session identifier through brute force attacks, bypass authenti...
Jetty Jetty Http Server 4.2.18
Jetty Jetty Http Server 4.2.19
Jetty Jetty Http Server 4.2.12
Jetty Jetty Http Server 4.2.14
Jetty Jetty Http Server 5.1.11
Jetty Jetty Http Server 6.0.1
Jetty Jetty Http Server 4.2.15
Jetty Jetty Http Server 4.2.16
Jetty Jetty Http Server 4.2.17
Jetty Jetty Http Server 6.1.0 Pre2
Jetty Jetty Http Server 4.2.11
Jetty Jetty Http Server 4.2.24
Jetty Jetty Http Server 4.2.9
446
VMScore
CVE-2019-10247
In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Con...
Eclipse Jetty 9.3.0
Eclipse Jetty 9.3.4
Eclipse Jetty 9.3.7
Eclipse Jetty 9.3.8
Eclipse Jetty 9.3.1
Eclipse Jetty 9.3.2
Eclipse Jetty 9.3.3
Eclipse Jetty 9.3.5
Eclipse Jetty 9.3.6
Eclipse Jetty 9.3.9
Eclipse Jetty 9.3.10
Eclipse Jetty 9.3.11
Eclipse Jetty 9.3.12
Eclipse Jetty 9.3.13
Eclipse Jetty 9.3.14
Eclipse Jetty 9.3.15
Eclipse Jetty 9.3.16
Eclipse Jetty 9.3.17
Eclipse Jetty 9.3.18
Eclipse Jetty 9.3.19
Eclipse Jetty 9.3.20
Eclipse Jetty 9.3.21
445
VMScore
CVE-2006-2759
jetty 6.0.x (jetty6) beta16 allows remote malicious users to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations.
Jetty Jetty 6.0 Beta 16
446
VMScore
CVE-2019-10246
In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information revea...
Eclipse Jetty 9.2.27
Eclipse Jetty 9.3.26
Eclipse Jetty 9.4.16
Netapp Snap Creator Framework -
Netapp Snapcenter -
Netapp Oncommand System Manager
Netapp Snapmanager -
Netapp Storage Services Connector -
Netapp Virtual Storage Console
Netapp Virtual Storage Console 9.6
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Storage Replication Adapter For Clustered Data Ontap 9.6
Netapp Vasa Provider For Clustered Data Ontap
Netapp Vasa Provider For Clustered Data Ontap -
Netapp Element -
Oracle Retail Xstore Point Of Service 15.0
Oracle Flexcube Private Banking 12.1.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Core Banking 5.2.0
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
NA
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
34 Github repositories
2 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started