Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache tomcat 6.0.31 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-3375
Apache Tomcat 6.0.30 up to and including 6.0.33 and 7.x prior to 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote malicious users to obtain unintended read access to IP address and HTTP header information in ...
Apache Tomcat 6.0.30
Apache Tomcat 6.0.31
Apache Tomcat 6.0.32
Apache Tomcat 6.0.33
Apache Tomcat 7.0.0
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.3
Apache Tomcat 7.0.4
Apache Tomcat 7.0.5
Apache Tomcat 7.0.6
Apache Tomcat 7.0.7
NA
CVE-2011-2729
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 up to and including 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 up to and including 5.5.33, 6.0.30 up to and including 6.0.32, and 7.0.x prior to 7.0.20 on Linux, does not drop capabilities, which a...
Apache Tomcat 5.5.32
Apache Tomcat 5.5.33
Apache Tomcat 6.0.30
Apache Tomcat 6.0.31
Apache Tomcat 6.0.32
Apache Apache Commons Daemon 1.0.3
Apache Apache Commons Daemon 1.0.4
Apache Apache Commons Daemon 1.0.5
Apache Apache Commons Daemon 1.0.6
Apache Tomcat 7.0.0
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
NA
CVE-2012-2733
java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x prior to 6.0.36 and 7.x prior to 7.0.28 does not properly restrict the request-header size, which allows remote malicious users to cause a denial of service (memory consumptio...
Apache Tomcat 6.0
Apache Tomcat 6.0.0
Apache Tomcat 6.0.1
Apache Tomcat 6.0.2
Apache Tomcat 6.0.3
Apache Tomcat 6.0.4
Apache Tomcat 6.0.5
Apache Tomcat 6.0.6
Apache Tomcat 6.0.7
Apache Tomcat 6.0.8
Apache Tomcat 6.0.9
Apache Tomcat 6.0.10
NA
CVE-2012-4534
org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x prior to 6.0.36 and 7.x prior to 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote malicious users to cause a denial of service (infinite loop) by terminating the connectio...
Apache Tomcat 6.0
Apache Tomcat 6.0.0
Apache Tomcat 6.0.1
Apache Tomcat 6.0.2
Apache Tomcat 6.0.3
Apache Tomcat 6.0.4
Apache Tomcat 6.0.5
Apache Tomcat 6.0.6
Apache Tomcat 6.0.7
Apache Tomcat 6.0.8
Apache Tomcat 6.0.9
Apache Tomcat 6.0.10
NA
CVE-2012-4431
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x prior to 6.0.36 and 7.x prior to 7.0.32 allows remote malicious users to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
Apache Tomcat 6.0
Apache Tomcat 6.0.0
Apache Tomcat 6.0.1
Apache Tomcat 6.0.2
Apache Tomcat 6.0.3
Apache Tomcat 6.0.4
Apache Tomcat 6.0.5
Apache Tomcat 6.0.6
Apache Tomcat 6.0.7
Apache Tomcat 6.0.8
Apache Tomcat 6.0.9
Apache Tomcat 6.0.10
NA
CVE-2011-4858
Apache Tomcat prior to 5.5.35, 6.x prior to 6.0.35, and 7.x prior to 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sendi...
Apache Tomcat 5.5.35
Apache Tomcat 6.0.0
Apache Tomcat 6.0.1
Apache Tomcat 6.0.2
Apache Tomcat 6.0.3
Apache Tomcat 6.0.4
Apache Tomcat 6.0.5
Apache Tomcat 6.0.6
Apache Tomcat 6.0.7
Apache Tomcat 6.0.8
Apache Tomcat 6.0.9
Apache Tomcat 6.0.10
1 EDB exploit
NA
CVE-2012-3546
org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x prior to 6.0.36 and 7.x prior to 7.0.30, when FORM authentication is used, allows remote malicious users to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_...
Apache Tomcat 6.0
Apache Tomcat 6.0.0
Apache Tomcat 6.0.1
Apache Tomcat 6.0.2
Apache Tomcat 6.0.3
Apache Tomcat 6.0.4
Apache Tomcat 6.0.5
Apache Tomcat 6.0.6
Apache Tomcat 6.0.7
Apache Tomcat 6.0.8
Apache Tomcat 6.0.9
Apache Tomcat 6.0.10
NA
CVE-2011-2204
Apache Tomcat 5.5.x prior to 5.5.34, 6.x prior to 6.0.33, and 7.x prior to 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a lo...
Apache Tomcat 5.5.0
Apache Tomcat 5.5.1
Apache Tomcat 5.5.2
Apache Tomcat 5.5.3
Apache Tomcat 5.5.4
Apache Tomcat 5.5.5
Apache Tomcat 5.5.6
Apache Tomcat 5.5.7
Apache Tomcat 5.5.8
Apache Tomcat 5.5.9
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
NA
CVE-2011-5062
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x prior to 5.5.34, 6.x prior to 6.0.33, and 7.x prior to 7.0.12 does not check qop values, which might allow remote malicious users to bypass intended integrity-protection requirements via a qop=auth value,...
Apache Tomcat 5.5.0
Apache Tomcat 5.5.1
Apache Tomcat 5.5.2
Apache Tomcat 5.5.3
Apache Tomcat 5.5.4
Apache Tomcat 5.5.5
Apache Tomcat 5.5.6
Apache Tomcat 5.5.7
Apache Tomcat 5.5.8
Apache Tomcat 5.5.9
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
NA
CVE-2011-5063
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x prior to 5.5.34, 6.x prior to 6.0.33, and 7.x prior to 7.0.12 does not check realm values, which might allow remote malicious users to bypass intended access restrictions by leveraging the availability of...
Apache Tomcat 5.5.0
Apache Tomcat 5.5.1
Apache Tomcat 5.5.2
Apache Tomcat 5.5.3
Apache Tomcat 5.5.4
Apache Tomcat 5.5.5
Apache Tomcat 5.5.6
Apache Tomcat 5.5.7
Apache Tomcat 5.5.8
Apache Tomcat 5.5.9
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
local
IMAP
CVE-2024-8504
CVE-2024-42327
CVE-2024-11904
CVE-2024-47107
CVE-2024-53143
XML injection
CVE-2024-54750
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »