Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache tomcat 7.0.1 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2011-2481
Apache Tomcat 7.0.x prior to 7.0.17 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loa...
Apache Tomcat 7.0.12
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.14
Apache Tomcat 7.0.11
Apache Tomcat 7.0.7
Apache Tomcat 7.0.13
Apache Tomcat 7.0.10
Apache Tomcat 7.0.9
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
4.4
CVSSv2
CVE-2011-2526
Apache Tomcat 5.5.x prior to 5.5.34, 6.x prior to 6.0.33, and 7.x prior to 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial...
Apache Tomcat 5.5.27
Apache Tomcat 5.5.18
Apache Tomcat 5.5.12
Apache Tomcat 5.5.14
Apache Tomcat 5.5.10
Apache Tomcat 5.5.4
Apache Tomcat 5.5.7
Apache Tomcat 5.5.1
Apache Tomcat 5.5.11
Apache Tomcat 5.5.28
Apache Tomcat 5.5.6
Apache Tomcat 5.5.26
Apache Tomcat 5.5.20
Apache Tomcat 5.5.15
Apache Tomcat 5.5.5
Apache Tomcat 5.5.30
Apache Tomcat 5.5.21
Apache Tomcat 5.5.22
Apache Tomcat 5.5.3
Apache Tomcat 5.5.32
Apache Tomcat 5.5.31
Apache Tomcat 5.5.9
1.9
CVSSv2
CVE-2011-2204
Apache Tomcat 5.5.x prior to 5.5.34, 6.x prior to 6.0.33, and 7.x prior to 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a lo...
Apache Tomcat 5.5.27
Apache Tomcat 5.5.18
Apache Tomcat 5.5.12
Apache Tomcat 5.5.14
Apache Tomcat 5.5.10
Apache Tomcat 5.5.4
Apache Tomcat 5.5.7
Apache Tomcat 5.5.1
Apache Tomcat 5.5.11
Apache Tomcat 5.5.28
Apache Tomcat 5.5.6
Apache Tomcat 5.5.26
Apache Tomcat 5.5.20
Apache Tomcat 5.5.15
Apache Tomcat 5.5.5
Apache Tomcat 5.5.30
Apache Tomcat 5.5.21
Apache Tomcat 5.5.22
Apache Tomcat 5.5.3
Apache Tomcat 5.5.32
Apache Tomcat 5.5.31
Apache Tomcat 5.5.9
5
CVSSv2
CVE-2011-1475
The HTTP BIO connector in Apache Tomcat 7.0.x prior to 7.0.12 does not properly handle HTTP pipelining, which allows remote malicious users to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to &q...
Apache Tomcat 7.0.10
Apache Tomcat 7.0.11
Apache Tomcat 7.0.5
Apache Tomcat 7.0.1
Apache Tomcat 7.0.7
Apache Tomcat 7.0.6
Apache Tomcat 7.0.0
Apache Tomcat 7.0.9
Apache Tomcat 7.0.8
Apache Tomcat 7.0.3
Apache Tomcat 7.0.2
Apache Tomcat 7.0.4
2 Github repositories
5.8
CVSSv2
CVE-2011-1088
Apache Tomcat 7.x prior to 7.0.10 does not follow ServletSecurity annotations, which allows remote malicious users to bypass intended access restrictions via HTTP requests to a web application.
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.7
Apache Tomcat 7.0.9
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
5.8
CVSSv2
CVE-2011-1419
Apache Tomcat 7.x prior to 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote malicious users to bypass intended access restrictions via HTTP requests to a web application. NOTE: this vulnerability exists because of ...
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.7
Apache Tomcat 7.0.10
Apache Tomcat 7.0.9
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
4.3
CVSSv2
CVE-2011-0013
Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 prior to 5.5.32, 6.0 prior to 6.0.30, and 7.0 prior to 7.0.6 allow remote malicious users to inject arbitrary web script or HTML, as demonstrated via the display-name tag.
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
Apache Tomcat 6.0.6
Apache Tomcat 6.0.11
Apache Tomcat 6.0.7
Apache Tomcat 6.0.4
Apache Tomcat 6.0.15
Apache Tomcat 6.0.20
Apache Tomcat 6.0.10
Apache Tomcat 6.0.29
Apache Tomcat 6.0.3
Apache Tomcat 6.0.9
Apache Tomcat 6.0.24
Apache Tomcat 6.0.17
Apache Tomcat 6.0
Apache Tomcat 6.0.28
Apache Tomcat 6.0.0
Apache Tomcat 6.0.14
1.2
CVSSv2
CVE-2010-3718
Apache Tomcat 7.0.0 up to and including 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated usin...
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.0
Apache Tomcat 7.0.3
Apache Tomcat 6.0.6
Apache Tomcat 6.0.11
Apache Tomcat 6.0.7
Apache Tomcat 6.0.4
Apache Tomcat 6.0.15
Apache Tomcat 6.0.20
Apache Tomcat 6.0.10
Apache Tomcat 6.0.29
Apache Tomcat 6.0.3
Apache Tomcat 6.0.9
Apache Tomcat 6.0.24
Apache Tomcat 6.0.17
Apache Tomcat 6.0
Apache Tomcat 6.0.28
Apache Tomcat 6.0.0
Apache Tomcat 6.0.14
Apache Tomcat 6.0.1
Apache Tomcat 6.0.12
1 Github repository
5
CVSSv2
CVE-2011-0534
Apache Tomcat 7.0.0 up to and including 7.0.6 and 6.0.0 up to and including 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote malicious users to cause a denial of service (OutOfMemoryError) via a crafted request...
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
Apache Tomcat 6.0.6
Apache Tomcat 6.0.11
Apache Tomcat 6.0.7
Apache Tomcat 6.0.4
Apache Tomcat 6.0.15
Apache Tomcat 6.0.20
Apache Tomcat 6.0.10
Apache Tomcat 6.0.29
Apache Tomcat 6.0.3
Apache Tomcat 6.0.9
Apache Tomcat 6.0.24
Apache Tomcat 6.0.17
Apache Tomcat 6.0.28
Apache Tomcat 6.0.0
Apache Tomcat 6.0.14
4.3
CVSSv2
CVE-2010-4172
Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 up to and including 6.0.29 and 7.0.0 up to and including 7.0.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to s...
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 6.0.15
Apache Tomcat 7.0.0
Apache Tomcat 6.0.20
Apache Tomcat 6.0.29
Apache Tomcat 6.0.24
Apache Tomcat 6.0.17
Apache Tomcat 6.0.28
Apache Tomcat 6.0.14
Apache Tomcat 6.0.12
Apache Tomcat 6.0.18
Apache Tomcat 6.0.13
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
Apache Tomcat 6.0.26
Apache Tomcat 6.0.19
Apache Tomcat 6.0.27
Apache Tomcat 6.0.16
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »