Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache tomcat vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2022-4132
A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page).
Dogtagpki Network Security Services For Java
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
5.9
CVSSv3
CVE-2021-24122
When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpec...
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Apache Tomcat
Debian Debian Linux 9.0
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.6
5.9
CVSSv3
CVE-2019-2684
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network ...
Oracle Jdk 11.0.2
Oracle Jdk 12
Oracle Jre 11.0.2
Oracle Jre 12
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.8.0
Oracle Jre 1.7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Satellite 5.8
Redhat Openshift Container Platform 3.11
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
2 Github repositories
5.9
CVSSv3
CVE-2016-0708
Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details. For applications to be vulnerable, they must have been staged using automati...
Cloudfoundry Java Buildpack
Cloudfoundry Cf-release
5.3
CVSSv3
CVE-2024-21733
Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 up to and including 8.5.63, from 9.0.0-M11 up to and including 9.0.43. Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onw...
Apache Tomcat 9.0.0
Apache Tomcat
5.3
CVSSv3
CVE-2023-45648
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 up to and including 11.0.0-M11, from 10.1.0-M1 up to and including 10.1.13, from 9.0.0-M1 up to and including 9.0.81 and from 8.5.0 up to and including 8.5.93 did not correctly parse HTTP trailer heade...
Apache Tomcat 9.0.0
Apache Tomcat 10.1.0
Apache Tomcat 11.0.0
Apache Tomcat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
5.3
CVSSv3
CVE-2023-42795
Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 up to and including 11.0.0-M11, from 10.1.0-M1 up to and including 10.1.13, from 9.0.0-M1 up to and including 9.0.80 and from 8.5.0 up to and including 8.5.93...
Apache Tomcat 9.0.0
Apache Tomcat 10.1.0
Apache Tomcat 11.0.0
Apache Tomcat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
5.3
CVSSv3
CVE-2023-1663
Coverity versions before 2023.3.2 are vulnerable to forced browsing, which exposes authenticated resources to unauthorized actors. The root cause of this vulnerability is an insecurely configured servlet mapping for the underlying Apache Tomcat server. As a result, the downloads ...
Synopsys Coverity
5.3
CVSSv3
CVE-2021-33037
Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ign...
Apache Tomcat
Apache Tomee 8.0.6
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Sd-wan Edge 9.0
Oracle Managed File Transfer 12.2.1.4.0
Oracle Secure Global Desktop 5.6
Oracle Hospitality Cruise Shipboard Property Management System 20.1.0
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Communications Session Route Manager
Oracle Mysql Enterprise Monitor
Oracle Communications Session Report Manager
Oracle Sd-wan Edge 9.1
Oracle Utilities Testing Accelerator 6.0.0.2.2
Oracle Utilities Testing Accelerator 6.0.0.3.1
Oracle Utilities Testing Accelerator 6.0.0.1.1
5.3
CVSSv3
CVE-2019-1622
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote malicious user to retrieve sensitive information from an affected device. The vulnerability is due to improper access controls for certain URLs...
Cisco Data Center Network Manager 11.0\\(1\\)
1 EDB exploit
2 Metasploit modules
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »