Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache tomcat 5.5.33 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-2729
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 up to and including 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 up to and including 5.5.33, 6.0.30 up to and including 6.0.32, and 7.0.x prior to 7.0.20 on Linux, does not drop capabilities, which a...
Apache Tomcat 5.5.32
Apache Tomcat 5.5.33
Apache Tomcat 6.0.30
Apache Tomcat 6.0.31
Apache Tomcat 6.0.32
Apache Apache Commons Daemon 1.0.3
Apache Apache Commons Daemon 1.0.4
Apache Apache Commons Daemon 1.0.5
Apache Apache Commons Daemon 1.0.6
Apache Tomcat 7.0.0
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
NA
CVE-2011-2204
Apache Tomcat 5.5.x prior to 5.5.34, 6.x prior to 6.0.33, and 7.x prior to 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a lo...
Apache Tomcat 5.5.0
Apache Tomcat 5.5.1
Apache Tomcat 5.5.2
Apache Tomcat 5.5.3
Apache Tomcat 5.5.4
Apache Tomcat 5.5.5
Apache Tomcat 5.5.6
Apache Tomcat 5.5.7
Apache Tomcat 5.5.8
Apache Tomcat 5.5.9
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
NA
CVE-2011-5062
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x prior to 5.5.34, 6.x prior to 6.0.33, and 7.x prior to 7.0.12 does not check qop values, which might allow remote malicious users to bypass intended integrity-protection requirements via a qop=auth value,...
Apache Tomcat 5.5.0
Apache Tomcat 5.5.1
Apache Tomcat 5.5.2
Apache Tomcat 5.5.3
Apache Tomcat 5.5.4
Apache Tomcat 5.5.5
Apache Tomcat 5.5.6
Apache Tomcat 5.5.7
Apache Tomcat 5.5.8
Apache Tomcat 5.5.9
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
NA
CVE-2011-5063
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x prior to 5.5.34, 6.x prior to 6.0.33, and 7.x prior to 7.0.12 does not check realm values, which might allow remote malicious users to bypass intended access restrictions by leveraging the availability of...
Apache Tomcat 5.5.0
Apache Tomcat 5.5.1
Apache Tomcat 5.5.2
Apache Tomcat 5.5.3
Apache Tomcat 5.5.4
Apache Tomcat 5.5.5
Apache Tomcat 5.5.6
Apache Tomcat 5.5.7
Apache Tomcat 5.5.8
Apache Tomcat 5.5.9
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
NA
CVE-2011-5064
DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x prior to 5.5.34, 6.x prior to 6.0.33, and 7.x prior to 7.0.12 uses Catalina as the hard-coded server secret (aka private key), which makes it easier for remote malicious users ...
Apache Tomcat 5.5.0
Apache Tomcat 5.5.1
Apache Tomcat 5.5.2
Apache Tomcat 5.5.3
Apache Tomcat 5.5.4
Apache Tomcat 5.5.5
Apache Tomcat 5.5.6
Apache Tomcat 5.5.7
Apache Tomcat 5.5.8
Apache Tomcat 5.5.9
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
NA
CVE-2011-1184
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x prior to 5.5.34, 6.x prior to 6.0.33, and 7.x prior to 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote malicious users to bypass intended access ...
Apache Tomcat 5.5.0
Apache Tomcat 5.5.1
Apache Tomcat 5.5.2
Apache Tomcat 5.5.3
Apache Tomcat 5.5.4
Apache Tomcat 5.5.5
Apache Tomcat 5.5.6
Apache Tomcat 5.5.7
Apache Tomcat 5.5.8
Apache Tomcat 5.5.9
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
NA
CVE-2011-2526
Apache Tomcat 5.5.x prior to 5.5.34, 6.x prior to 6.0.33, and 7.x prior to 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial...
Apache Tomcat 5.5.0
Apache Tomcat 5.5.1
Apache Tomcat 5.5.2
Apache Tomcat 5.5.3
Apache Tomcat 5.5.4
Apache Tomcat 5.5.5
Apache Tomcat 5.5.6
Apache Tomcat 5.5.7
Apache Tomcat 5.5.8
Apache Tomcat 5.5.9
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
NA
CVE-2012-0022
Apache Tomcat 5.5.x prior to 5.5.35, 6.x prior to 6.0.34, and 7.x prior to 7.0.23 uses an inefficient approach for handling parameters, which allows remote malicious users to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter val...
Apache Tomcat 5.5.0
Apache Tomcat 5.5.1
Apache Tomcat 5.5.2
Apache Tomcat 5.5.3
Apache Tomcat 5.5.4
Apache Tomcat 5.5.5
Apache Tomcat 5.5.6
Apache Tomcat 5.5.7
Apache Tomcat 5.5.8
Apache Tomcat 5.5.9
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
NA
CVE-2011-3190
Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 up to and including 7.0.20, 6.0.0 up to and including 6.0.33, 5.5.0 up to and including 5.5.33, and possibly other versions allow remote malicious users to spoof AJP requests, bypass authentication, and obtain ...
Apache Tomcat 7.0.0
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.3
Apache Tomcat 7.0.4
Apache Tomcat 7.0.5
Apache Tomcat 7.0.6
Apache Tomcat 7.0.7
Apache Tomcat 7.0.8
Apache Tomcat 7.0.9
Apache Tomcat 7.0.10
Apache Tomcat 7.0.11
NA
CVE-2012-5885
The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x prior to 5.5.36, 6.x prior to 6.0.36, and 7.x prior to 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count...
Apache Tomcat 5.5.0
Apache Tomcat 5.5.1
Apache Tomcat 5.5.2
Apache Tomcat 5.5.3
Apache Tomcat 5.5.4
Apache Tomcat 5.5.5
Apache Tomcat 5.5.6
Apache Tomcat 5.5.7
Apache Tomcat 5.5.8
Apache Tomcat 5.5.9
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-44852
CVE-2024-3400
CVE-2024-30129
insecure direct object reference
CVE-2024-12115
CVE-2024-11220
CVE-2024-51378
privilege escalation
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »