Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache tomcat 7.0.1 vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2011-1088
Apache Tomcat 7.x prior to 7.0.10 does not follow ServletSecurity annotations, which allows remote malicious users to bypass intended access restrictions via HTTP requests to a web application.
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.7
Apache Tomcat 7.0.9
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
5.8
CVSSv2
CVE-2011-1419
Apache Tomcat 7.x prior to 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote malicious users to bypass intended access restrictions via HTTP requests to a web application. NOTE: this vulnerability exists because of ...
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.7
Apache Tomcat 7.0.10
Apache Tomcat 7.0.9
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
5
CVSSv2
CVE-2017-12616
When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.
Apache Tomcat 7.0.2
Apache Tomcat 7.0.49
Apache Tomcat 7.0.12
Apache Tomcat 7.0.62
Apache Tomcat 7.0.20
Apache Tomcat 7.0.34
Apache Tomcat 7.0.58
Apache Tomcat 7.0.8
Apache Tomcat 7.0.55
Apache Tomcat 7.0.1
Apache Tomcat 7.0.5
Apache Tomcat 7.0.51
Apache Tomcat 7.0.4
Apache Tomcat 7.0.63
Apache Tomcat 7.0.22
Apache Tomcat 7.0.39
Apache Tomcat 7.0.26
Apache Tomcat 7.0.46
Apache Tomcat 7.0.72
Apache Tomcat 7.0.76
Apache Tomcat 7.0.71
Apache Tomcat 7.0.28
2 Github repositories
5
CVSSv2
CVE-2017-5664
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error pag...
Apache Tomcat 7.0.2
Apache Tomcat 7.0.49
Apache Tomcat 7.0.12
Apache Tomcat 7.0.62
Apache Tomcat 7.0.20
Apache Tomcat 7.0.34
Apache Tomcat 7.0.58
Apache Tomcat 7.0.8
Apache Tomcat 7.0.55
Apache Tomcat 7.0.1
Apache Tomcat 7.0.5
Apache Tomcat 7.0.51
Apache Tomcat 7.0.4
Apache Tomcat 7.0.63
Apache Tomcat 7.0.22
Apache Tomcat 7.0.39
Apache Tomcat 7.0.26
Apache Tomcat 7.0.46
Apache Tomcat 7.0.72
Apache Tomcat 7.0.76
Apache Tomcat 7.0.71
Apache Tomcat 7.0.28
5
CVSSv2
CVE-2014-7810
The Expression Language (EL) implementation in Apache Tomcat 6.x prior to 6.0.44, 7.x prior to 7.0.58, and 8.x prior to 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows malicious users to bypass a Secu...
Debian Debian Linux 7.0
Apache Tomcat 7.0.2
Apache Tomcat 6.0.33
Apache Tomcat 6.0.0
Apache Tomcat 7.0.49
Apache Tomcat 6.0.39
Apache Tomcat 7.0.12
Apache Tomcat 6.0.6
Apache Tomcat 7.0.53
Apache Tomcat 6.0.4
Apache Tomcat 7.0.20
Apache Tomcat 6.0.11
Apache Tomcat 7.0.34
Apache Tomcat 7.0.8
Apache Tomcat 7.0.55
Apache Tomcat 7.0.1
Apache Tomcat 7.0.5
Apache Tomcat 7.0.4
Apache Tomcat 6.0.7
Apache Tomcat 7.0.22
Apache Tomcat 7.0.39
Apache Tomcat 7.0.26
5
CVSSv2
CVE-2014-0075
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat prior to 6.0.40, 7.x prior to 7.0.53, and 8.x prior to 8.0.4 allows remote malicious users to cause a denial of service (resource consumption) via a...
Apache Tomcat 7.0.2
Apache Tomcat 7.0.49
Apache Tomcat 7.0.12
Apache Tomcat 7.0.20
Apache Tomcat 7.0.34
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.5
Apache Tomcat 7.0.4
Apache Tomcat 7.0.22
Apache Tomcat 7.0.39
Apache Tomcat 7.0.26
Apache Tomcat 7.0.46
Apache Tomcat 7.0.28
Apache Tomcat 7.0.0
Apache Tomcat 7.0.50
Apache Tomcat 7.0.6
Apache Tomcat 7.0.18
Apache Tomcat 7.0.14
Apache Tomcat 7.0.48
Apache Tomcat 7.0.11
Apache Tomcat 7.0.23
1 Article
5
CVSSv2
CVE-2012-5885
The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x prior to 5.5.36, 6.x prior to 6.0.36, and 7.x prior to 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count...
Apache Tomcat 5.5.0
Apache Tomcat 5.5.25
Apache Tomcat 5.5.33
Apache Tomcat 5.5.7
Apache Tomcat 5.5.18
Apache Tomcat 5.5.15
Apache Tomcat 5.5.3
Apache Tomcat 5.5.22
Apache Tomcat 5.5.2
Apache Tomcat 5.5.35
Apache Tomcat 5.5.30
Apache Tomcat 5.5.9
Apache Tomcat 5.5.8
Apache Tomcat 5.5.29
Apache Tomcat 5.5.31
Apache Tomcat 5.5.17
Apache Tomcat 5.5.12
Apache Tomcat 5.5.24
Apache Tomcat 5.5.21
Apache Tomcat 5.5.19
Apache Tomcat 5.5.10
Apache Tomcat 5.5.1
5
CVSSv2
CVE-2012-5886
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x prior to 5.5.36, 6.x prior to 6.0.36, and 7.x prior to 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote malicious users to bypass authentic...
Apache Tomcat 5.5.30
Apache Tomcat 5.5.0
Apache Tomcat 5.5.8
Apache Tomcat 5.5.33
Apache Tomcat 5.5.31
Apache Tomcat 5.5.17
Apache Tomcat 5.5.24
Apache Tomcat 5.5.3
Apache Tomcat 5.5.19
Apache Tomcat 5.5.2
Apache Tomcat 5.5.27
Apache Tomcat 5.5.9
Apache Tomcat 5.5.4
Apache Tomcat 5.5.29
Apache Tomcat 5.5.14
Apache Tomcat 5.5.11
Apache Tomcat 5.5.12
Apache Tomcat 5.5.20
Apache Tomcat 5.5.21
Apache Tomcat 5.5.25
Apache Tomcat 5.5.10
Apache Tomcat 5.5.7
5
CVSSv2
CVE-2012-5887
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x prior to 5.5.36, 6.x prior to 6.0.36, and 7.x prior to 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote malicio...
Apache Tomcat 5.5.1
Apache Tomcat 5.5.28
Apache Tomcat 5.5.27
Apache Tomcat 5.5.5
Apache Tomcat 5.5.4
Apache Tomcat 5.5.13
Apache Tomcat 5.5.14
Apache Tomcat 5.5.25
Apache Tomcat 5.5.10
Apache Tomcat 5.5.34
Apache Tomcat 5.5.6
Apache Tomcat 5.5.15
Apache Tomcat 5.5.16
Apache Tomcat 5.5.22
Apache Tomcat 5.5.23
Apache Tomcat 5.5.26
Apache Tomcat 5.5.32
Apache Tomcat 5.5.20
Apache Tomcat 5.5.9
Apache Tomcat 5.5.8
Apache Tomcat 5.5.29
Apache Tomcat 5.5.31
5
CVSSv2
CVE-2012-2733
java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x prior to 6.0.36 and 7.x prior to 7.0.28 does not properly restrict the request-header size, which allows remote malicious users to cause a denial of service (memory consumptio...
Apache Tomcat 6.0.6
Apache Tomcat 6.0.7
Apache Tomcat 6.0.17
Apache Tomcat 6.0.0
Apache Tomcat 6.0.2
Apache Tomcat 6.0.26
Apache Tomcat 6.0.10
Apache Tomcat 6.0.20
Apache Tomcat 6.0
Apache Tomcat 6.0.14
Apache Tomcat 6.0.29
Apache Tomcat 6.0.1
Apache Tomcat 6.0.27
Apache Tomcat 6.0.3
Apache Tomcat 6.0.12
Apache Tomcat 6.0.11
Apache Tomcat 6.0.9
Apache Tomcat 6.0.8
Apache Tomcat 6.0.33
Apache Tomcat 6.0.4
Apache Tomcat 6.0.18
Apache Tomcat 6.0.32
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »